Just before xmas holidays, Citrix released CTX267027 announcing a remote code exection vulnerability with their ADC and Gateway products, formerly NetScaler and NetScaler Gateway.
more … “Unpatched Vulnerability with Citrix ADC / Gateway!”Category: Security
Security
X.509 Certificate Turorial
As we all need to deal with certificate in multiple colors, it may a good idea to have a look at the X.509 Certificate Tutorial, posted on Adam the Automator. …
Citrix License Server Vulnerabilities
Yesterday, Sep 25, Citrix reported multiple Dnieal-of-Service vulnerabilities with License Server for Windows and VPX, so an attacker may be able to enforce a vendor service shutdown: CVE-2018-20031: A Denial …
SD-WAN Multiple Security Updates
Yesterday (Oct, 22 2018), Citrix released CTX236992 which describes multiple security vulnerabilites with Citrix SD-WAN. Those may allow an attacker to get access to the SD-WAN appliance’s management interface. The …
NetScaler ADC / Gateway Security Updates
There are some security patches needed to fix new vulnerabilities found with NetScaler ADC and NetScaler Gateway, see CTX232161 article. Please find below the the corresponding CVEs covered by the …
Meltdown & Spectre Processor Vulnerabilities
When it comes to the latest security vulnerabilities, these days we hear about things like “Meltdown”, “Spectre” and “Side Chain Vulnerabilities”, all with reference to CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754. Citrix, …
NetScaler 10.5 to 12.0 affected by two TLS Vulnerabilities
Yesterday, Citrix released two Security Bulletins related to TLS vulnerabilities with Citrix NetScaler v10.5 up to 12.0. These are: CTX230238 (CVE-2017-17382): TLS Padding Oracle Vulnerability in Citrix NetScaler Application Delivery …
NetScaler Gateway EPA
When it comes to NetScaler End Point Analysis (EPA), Citrix provides a nice How-To Article as a starting point: https://support.citrix.com/pages/netscaler-gateway-epa.
NetScaler and OpenSSL
Many customer asked me, if those OpenSSL vulnerabilities found for some time now do apply to Citrix NetScaler, too. In order to support you with this kind of arguments, Citrix …