Citrix Access Gateway Unspecified Information Disclosure Vulnerability
BID:21079
Info
Citrix Access Gateway Unspecified Information Disclosure Vulnerability
| Bugtraq ID: | 21079 |
| Class: | Unknown |
| CVE: |
CVE-2006-6573 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 14 2006 12:00AM |
| Updated: | Jan 29 2007 03:08PM |
| Credit: | This issue was discovered by Thierry Zoller and Laurent Kempenaar. |
| Vulnerable: |
Citrix Access Gateway Advanced Edition 4.5 Citrix Access Gateway AAC 4.2 |
| Not Vulnerable: | |
Discussion
Citrix Access Gateway Unspecified Information Disclosure Vulnerability
Citrix Access Gateway is prone to an information disclosure vulnerability.
An attacker can exploit this issue to disclose sensitive information that may be used to gain unauthorized access to the application.
This issue affects Access Gateway 4.5 Advanced Edition and Access Gateway 4.2 with Advanced Access Control 4.2 (currently known as Access Gateway 4.2 Advanced Edition) when deployed with the following versions of the Access Gateway appliance:
Access Gateway appliance 4.2
Access Gateway appliance 4.2.1
Access Gateway appliance 4.2.2
Citrix Access Gateway is prone to an information disclosure vulnerability.
An attacker can exploit this issue to disclose sensitive information that may be used to gain unauthorized access to the application.
This issue affects Access Gateway 4.5 Advanced Edition and Access Gateway 4.2 with Advanced Access Control 4.2 (currently known as Access Gateway 4.2 Advanced Edition) when deployed with the following versions of the Access Gateway appliance:
Access Gateway appliance 4.2
Access Gateway appliance 4.2.1
Access Gateway appliance 4.2.2
Exploit / POC
Citrix Access Gateway Unspecified Information Disclosure Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Citrix Access Gateway Unspecified Information Disclosure Vulnerability
Solution:
The vendor has released updates to address this issue.
Please see the referenced advisory for more information.
Citrix Access Gateway AAC 4.2
Solution:
The vendor has released updates to address this issue.
Please see the referenced advisory for more information.
Citrix Access Gateway AAC 4.2
-
Citrix AAC420W004.zip
http://support.citrix.com/servlet/KbServlet/download/11002-102-15244/A AC420W004.zip
References
Citrix Access Gateway Unspecified Information Disclosure Vulnerability
References:
References: