Security Bulletins

1
2
Next >

Security Bulletins	Created	Modified	Read	Rating
Vulnerability in XenServer could result in privilege escalation and arbitrary code execution Severity : Medium Description of Problem A vulnerabilitly has been identified in Citrix XenServer that could result in attackers escaping a guest domain and potentially executi... CTX118766	11/17/08	11/17/08	1,008
Vulnerability in Citrix Web Interface 5.0 for Java Application Servers could result in failure to terminate Web Interface user sessions Severity : Medium Description of Problem A vulnerability has been identified in Citrix Web Interface 5.0 for Java Application Servers that could result in the disconnection pro... CTX118768	10/24/08	10/24/08	1,724	Unrated
Vulnerability in Citrix Presentation Server for Windows could result in privilege escalation Severity : Low Description of Problem A vulnerability has been identified in Citrix Presentation Server for Windows that could result in an authenticated interactive user escal... CTX116310	9/29/08	9/29/08	2,141	Unrated
Vulnerability in Access Gateway Standard and Advanced Edition Appliance firmware could result in DNS Cache Poisoning Severity: Medium Description of Problem A vulnerability has been identified in the Access Gateway Standard and Advanced Edition appliance firmware that could affect the functionality of ... CTX118183	9/2/08	9/10/08	2,541
Vulnerability in NetScaler and Access Gateway Enterprise Edition could result in DNS Cache Poisoning Severity: High Description of Problem A vulnerability has been identified in the Citrix NetScaler and Access Gateway Enterprise Edition appliances that could result in Domain Name System (DNS... CTX117991	7/24/08	8/4/08	4,125
Privilege Escalation Vulnerability in Citrix Deterministic Network Enhancer (dne2000.sys) Severity : Low Description of Problem A vulnerability has been identified in the Citrix Deterministic Network Enhancer (DNE) which, when exploited, could result in an escalation of p... CTX117751	7/18/08	7/18/08	2,317
Cross-site scripting vulnerability in XenServer XenAPI HTTP Interfaces Severity : Low Description of Problem A cross-site scripting vulnerability has been identified in XenServer’s XenAPI HTTP interfaces. When a specially constructed URL is sent to... CTX117814	7/16/08	7/16/08	1,913
Vulnerability in Citrix Presentation Server could allow authenticated users to gain unauthorized access to a desktop session Severity : Medium Description of Problem Citrix Presentation Server provides access control to both published applications and published desktops. Under specific circumstances,... CTX116941	5/12/08	5/13/08	10,860
Vulnerability in Citrix Presentation Server could result in cryptographic settings not being correctly enforced Severity : Medium Description of Problem The ICA protocol offers configurable encryption capabilities, known as SecureICA and ICA Basic encryption, that can be used to secure t... CTX114893	5/12/08	5/12/08	5,603
Vulnerability in Access Gateway Standard Edition and Advanced Edition appliance firmware could result in authentication bypass Severity : High Description of Problem A vulnerability exists in Access Gateway that, in certain configurations, could allow unauthenticated access to network resources. ... CTX116930	5/9/08	5/9/08	4,833
Vulnerabilities in Access Gateway Advanced Edition could allow redirection to arbitrary web sites Severity : Medium Description of Problem Vulnerabilities have been identified in Access Gateway Advanced Edition that may allow an attacker to redirect a user to an arbitrary w... CTX113816	7/19/07	4/22/08	8,825
Vulnerabilities in Access Gateway Advanced Edition could result in information disclosure and session hijacking Severity : Medium Description of Problem When using Access Gateway Advanced Edition, residual information left on the client device could allow an attacker to gain unauthorized... CTX113814	7/19/07	4/22/08	10,988
Vulnerability in Citrix Presentation Server could result in unauthorized code execution Severity : Medium Description of Problem: If an authorized user can be lured into invoking an ICA connection to Citrix Presentation Server, it may be possible for an attacker t... CTX115245	11/14/07	3/28/08	12,365
Credential Handling Weakness in Presentation Server Client for Windows Severity : Low Description of Problem Under some circumstances, the Citrix Presentation Server Client for Windows may leave residual credential information in the client proces... CTX116227	3/10/08	3/10/08	6,088
Weakness in Citrix Presentation Server and Citrix Desktop Server installer could result in credentials being logged Severity : Low Description of Problem Under specific circumstances, the installation process for Citrix Presentation Server 4.5 and Citrix Desktop Server 1.0 could result in da... CTX116228	2/27/08	2/27/08	4,455
Vulnerability in Presentation Server's IMA Service could result in arbitrary code execution. Severity : High Description of Problem The IMA service is used by Citrix Presentation Server for inter-sever and management communications. Sending a specifically crafted packe... CTX114487	1/15/08	1/15/08	19,377
Cross-site scripting vulnerability in legacy versions of Citrix Web Interface Severity : Medium Description of Problem A cross-site scripting vulnerability has been identified in the on-line help of legacy versions of Citrix Web Interface. This vuln... CTX115283	12/18/07	12/18/07	3,126
Weakness in Citrix EdgeSight for Endpoints and Citrix EdgeSight for Presentation Server could result in information disclosure Severity : Low Description of Problem A weakness has been identified in Citrix EdgeSight for Presentation Server server and Citrix EdgeSight for Endpoints server. This weaknes... CTX115281	12/4/07	12/4/07	2,600	Unrated
Vulnerability in the web-based Configuration Utility of NetScaler and Access Gateway Enterprise Edition Description Citrix is releasing this Security Bulletin in response to recently published information relating to security issues affecting NetScaler and Access Gateway Enterprise Edition. Informa... CTX115496	11/29/07	11/29/07	3,277	Unrated
Additional security guidance for Citrix Presentation Server deployments Summary: Citrix is releasing this Security Bulletin in response to recently published information relating to security issues affecting some deployments of Citrix Presentation Server. Informatio... CTX114938	10/19/07	10/19/07	8,743
Vulnerabilities in Access Gateway Standard and Advanced Edition could allow unauthorized configuration changes Severity : Medium Description of Problem The Citrix Access Gateway appliance provides a web based administration console which can perform a limited set of administrative tasks... CTX113817	7/19/07	7/19/07	9,786	Unrated
Vulnerabilities in Access Gateway Standard and Advanced Editions clients could result in arbitrary code execution Severity : High Description of Problem The client components provided by Access Gateway Standard and Advanced Editions are subject to vulnerabilities that could allow an attack... CTX113815	7/19/07	7/19/07	11,944
Vulnerabilities in Citrix Presentation Server's Program Neighborhood Agent could result in arbitrary code execution Severity : High Description of Problem Citrix Program Neighborhood Agent can be installed on a client machine to access applications published on Citrix Presentation Server. If... CTX113919	7/10/07	7/10/07	28,498
Vulnerability in Citrix Presentation Server's Session Reliability service could result in network security policy bypass Severity : Medium Description of Problem The Session Reliability service is used by some Citrix products to improve user experience when connecting over unreliable networks. By sending a specific... CTX112964	5/16/07	5/23/07	42,232
MetaFrame Password Manager "reveal password" policy bypass Severity : Medium Description of Problem Citrix MetaFrame Password Manager allows administrators to control which users can view their own secondary passwords. Versions 2.5 and earlier allow users... CTX105800	3/3/05	5/16/07	27,152
Vulnerability in Citrix Presentation Server Client for Windows could result in arbitrary code execution Severity : High Description of Problem The Citrix Presentation Server Client for Windows includes support for making ICA connections through proxy servers. An implementation flaw in this functiona... CTX112589	2/28/07	3/6/07	99,159
Vulnerability in Citrix Presentation Server's print provider could result in arbitrary code execution Severity : High Description of Problem The Citrix print provider is used by Citrix Presentation Server to allow users to print to their local printer from published applications. A buffer overflow... CTX111686	1/23/07	1/23/07	51,588
Vulnerability in Citrix Presentation Server Client for Windows could result in arbitrary code execution Severity : High Description of Problem The Citrix Presentation Server Client provides an ActiveX component that can be used to integrate the client into Web pages. An implement... CTX111827	12/4/06	12/6/06	30,292
Vulnerability in Access Gateway appliance may allow information disclosure Severity : High Description of Problem When using Advanced Access Control with an Access Gateway appliance, unauthenticated remote users may be able to gain access to data on th... CTX111695	11/14/06	11/14/06	15,153
Vulnerability in Advanced Access Control could result in policy bypass Severity : Medium Description of Problem When using Advanced Access Control, users that login in a specific way may be able to gain access to resources in violation of configure... CTX111614	11/14/06	11/14/06	11,743	Unrated