Citrix License Server Vulnerabilities

Yesterday, Sep 25, Citrix reported multiple Dnieal-of-Service vulnerabilities with License Server for Windows and VPX, so an attacker may be able to enforce a vendor service shutdown:

CVE-2018-20031: A Denial of Service vulnerability in FlexNet Publisher version 11.16.1.0 and earlier
CVE-2018-20032: A Denial of Service vulnerability in FlexNet Publisher version 11.16.1.0 and earlier
CVE-2018-20033: A Remote Code Execution vulnerability in FlexNet Publisher version 11.16.1.0 and earlier
CVE-2018-20034: A Denial of Service vulnerability in FlexNet Publisher version 11.16.1.0 and earlier

These vilnerabilities are fixed with Citrix License Server for Windows version 11.16.3 build 28000 and newer. Actually, there’s no fix available for the VPX flavour.

For details please see Citrix KB article CTX261963.

Meltdown & Spectre Processor Vulnerabilities When it comes to the latest security vulnerabilities, these days…
Receiver 4.9 for Windows LTSR CU 1 available On Aug, 15 Citrix released Receiver for Windows 4.9 LTSR.…
Bash on Windows 10 Techgenix provides a good article to enable Ubuntu Bash with…
RADIUS C/R Issues with NetScaler ADC / Gateway These days I came accross an issue related to RADIUS…
NetScaler 10.5 to 12.0 affected by two TLS Vulnerabilities Yesterday, Citrix released two Security Bulletins related to TLS vulnerabilities…
SD-WAN Multiple Security Updates Yesterday (Oct, 22 2018), Citrix released CTX236992 which describes multiple…

Citrix License Server Vulnerabilities

Related Posts:

Leave a Reply