Security
Just before xmas holidays, Citrix released CTX267027 announcing a remote code exection vulnerability with their ADC and Gateway products, formerly NetScaler and NetScaler Gateway.
As we all need to deal with certificate in multiple colors, it may a good idea to have a look at the X.509 Certificate Tutorial, posted on Adam the Automator. …
Yesterday, Sep 25, Citrix reported multiple Dnieal-of-Service vulnerabilities with License Server for Windows and VPX, so an attacker may be able to enforce a vendor service shutdown: CVE-2018-20031: A Denial …
Yesterday (Oct, 22 2018), Citrix released CTX236992 which describes multiple security vulnerabilites with Citrix SD-WAN. Those may allow an attacker to get access to the SD-WAN appliance’s management interface. The …
There are some security patches needed to fix new vulnerabilities found with NetScaler ADC and NetScaler Gateway, see CTX232161 article. Please find below the the corresponding CVEs covered by the …
When it comes to the latest security vulnerabilities, these days we hear about things like “Meltdown”, “Spectre” and “Side Chain Vulnerabilities”, all with reference to CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754. Citrix, …
Yesterday, Citrix released two Security Bulletins related to TLS vulnerabilities with Citrix NetScaler v10.5 up to 12.0. These are: CTX230238 (CVE-2017-17382): TLS Padding Oracle Vulnerability in Citrix NetScaler Application Delivery …
When it comes to NetScaler End Point Analysis (EPA), Citrix provides a nice How-To Article as a starting point: https://support.citrix.com/pages/netscaler-gateway-epa.
Many customer asked me, if those OpenSSL vulnerabilities found for some time now do apply to Citrix NetScaler, too. In order to support you with this kind of arguments, Citrix …