AttachmateWRQ, Inc. Information for VU#845620

Multiple RSA implementations fail to properly handle signatures

Status

Affected

Vendor Statement

Attachmate has determined that Reflection for the Web is not vulnerable to CERT issue VU#845620.

Attachmate has determined that certain clients in the Reflection product line are vulnerable to CERT issue VU#845620. Attachmate is making patches available. For more information, see Attachmate’s support website at http://support.wrq.com/techdocs/2137.html.

Attachmate is still investigating whether the Reflection for Secure IT products (RSIT Server for Windows and RSIT Client and Server for UNIX) are vulnerable to CERT issue VU#845620.  Please check the support web site below for the latest information.

Attachmate advises that interested parties regularly check Attachmate’s support websites for updates on security related issues:
http://support.wrq.com/techdocs/1708.html for Reflection products
http://support.wrq.com/techdocs/1704.html for Reflection for the Web
http://support.wrq.com/techdocs/1910.html for Reflection for Secure IT products

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.