Video Screencast Help

CRIME TLS Compression Vulnerability with PGP Universal Server

Created: 22 Oct 2012 | 1 comment

We are running PGP Universal Server 3.2.1 (Build 4940) and it seems that this server is vulnerable to the new CRIME TLS Compression vulnerability. Has PGP addressed this issue with a patch? A possible workaround for this is to disable TLS Compression. I have looked through the settings of our server and do not see a way to do that. Does anyone have a solution to this problem?

If you scan your PGP server with this site or any security vulnerability application you will get more details about the vulnerability.


Comments 1 CommentJump to latest comment

Alex_CST's picture

This will have to be a reconfiguration of Tomcat & Apache as there are fixes for both by Apache are already out in the aether.

Please mark posts as solutions if they solve your problem!