PGP Universal Server versions prior to 3.2.x (except 3.0.1 SP1 HF1 or 2.12 SP4 HF) may be vulnerable.
PGP Universal Server versions since 3.2.0, PGP Universal version 3.0.1 SP1 HF1 or 2.12 SP4 HF1 are not vulnerable.
For CVE-2009-3555 version OpenSSL 0.9.8k and below might be affected For CVE-2011-1473 version OpenSSL 0.9.8k and below, version OpenSSL 1.0 or OpenSSL 1.0.2 might be affected
Please note that although PGP Universal Server shows an older OpenSSL version, it will contain all the latest patches as of the time of the release date. For example on a PGP Universal 3.2.1 MP3 server, the fix for CVE-2009-3555 was applied but it shows an older OpenSSL version which would be vulnerable without the applied patch.
# openssl version OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
Imported Document ID: TECH198802
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.