OpenSSL SSL/TLS clients and servers can be compromised by man-in-the-middle (MITM) attacks. In this attack, a hacker can decrypt and modify traffic between vulnerable clients and servers. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers appear to be vulnerable only in OpenSSL 1.0.1 and 1.0.2-beta1. This vulnerability affects Symantec Secure Email Proxy and Symantec Secure App Proxy.
For more information about this vulnerability, go to the following link: www.openssl.org/news/secadv_20140605.txt
Apply a patch to your proxy:
1. Download the file attached to this KB.
The attached file is an ISO that contains a script. The script detects App Proxy or Email Proxy installation, displays currently used versions of OpenSSL and the version to be applied, and prompts you to apply the patch.
2. Mount the .iso.
3. Type the following command:
Symantec Secure Email Proxy server 4.4 and later
Symantec Secure App Proxy server 4.4 and later