2.5.913 and below
There are two applicable Hotfixes for 2.5:
1. Hotfix_7115.zip addresses "CVE-2004-2761 - MD5 - Hash-collision Issue" for the TPAM appliance.
For versions 2.5.909-2.5.914:
Removes weaker HMACs & Ciphers from SSH Listener. An exception for blowfish-cbc, and this is required for PSM functionality.
2. Hotfix_7184.zip addresses "CVE-2004-2761 - MD5 - Hash-collision Issue" for any DPAs (Distributed Processing Appliances).
For versions 2.5.904-2.5.913:
Update supported Ciphers and Hmacs on DPA
No hotfixes are required, these fixes are included.