| Related sites for http://support.citrix.com/latestsecurityall!execute.jspa |
| Toon_Clipart High quality cartoon clipart in high resolution EPS (vector) format for either Mac or Windows. | | M6_Technologies NT hosting on Window2000 server. Fully automated, best for resellers, multiple site hosting, SQL and SSL. | | ICDCS_2001 The 21st International Conference on Distributed Computing Systems. Phoenix (Mesa), Arizona, USA; 16--19 April 2001. | | Google_Groups_Simplifier Simplifies Google Groups' URLs for easier inclusion in e-mails/posts/web pages. With bookmarklet. | | The_Transputer_Archive Information on transputer microprocessor designed by INMOS (now SGS-Thomson Microelectronics), available via anonymous FTP with an index. Has messages from mail list and related comp.sys.transputer n | | Frequently_Asked_Questions A list of questions and answers for the project. It contains both general and technical information: project status, what it is and what it does and how to obtain and configure and run it. | | SES_Type [Win or RISC-OS 3] public domain (free), touch-typing course teaches accurate typing. Instructions are online. | | Jacksons,_Harry Resume. Blog. | | PC_Demo_Fan_Club Remarkable real-time graphic and sound demonstrations for PCs. | | Connected [Win-Mac] Digital museums of Earth and Space images. | | ExploreZip_Computer_Virus_Security Description of Explore.zip, removal instructions, and links. | | Cactusus Developed as a replacement for "sticky notes" on your desktop. Just a text taking quite a little space and always staying on top. | | JussPress Share video and photos online. | | Hypermedia_Presentation_and_Authoring_System HPAS is a system for presenting, integrating, and managing time-based hypermedia documents. With HPAS, Web users can bring text files, graphical images, audio tracks, and video clips together in one | | WebmailASP Multiuser webmail ASP script works like a desktop email client. Includes dynamic tree of folders, attachments, HTML-message display, contact books and search. All information moved/copied from POP3 an | | Equation-Based_Congestion_Control_for_Unicast_Applications Research papers on TCP-Friendly Rate Control | | JP_Web_Creations Offers design, marketing, and maintenance services. | | Digital_Development Can help in building personal web sites, to very large and detailed e-commerce online business. | | Quinn_Interactive,_Inc_ Offers site design and development, user interface design, e-commerce, programming, and content management system integration. | | Now Netscape's 'Now' buttons, parodies of them, derivatives of them, and other visual encouragements to do things 'now'. |
|
Security Bulletins - Citrix Knowledge Center
Knowledge Center
Knowledge Center
Communities
Forums
Blogs
Alerts
Sign In
Knowledge Center Home
> Security Bulletins
Security Bulletins
1
2
Next >
Security Bulletins
Created
Modified
Read
Rating
Vulnerability in Citrix Presentation Server for Windows could result in privilege escalation
Severity : Low
Description of Problem
A vulnerability has been identified in Citrix Presentation Server for Windows that could result in an authenticated interactive user escal...
CTX116310
9/29/08
9/29/08
1,111
Unrated
Vulnerability in Access Gateway Standard and Advanced Edition Appliance firmware could result in DNS Cache Poisoning
Severity: Medium Description of Problem
A vulnerability has been identified in the Access Gateway Standard and Advanced Edition appliance firmware that could affect the functionality of ...
CTX118183
9/2/08
9/10/08
2,004
Vulnerability in NetScaler and Access Gateway Enterprise Edition could result in DNS Cache Poisoning
Severity: High Description of Problem A vulnerability has been identified in the Citrix NetScaler and Access Gateway Enterprise Edition appliances that could result in Domain Name System (DNS...
CTX117991
7/24/08
8/4/08
3,663
Privilege Escalation Vulnerability in Citrix Deterministic Network Enhancer (dne2000.sys)
Severity : Low
Description of Problem A vulnerability has been identified in the Citrix Deterministic Network Enhancer (DNE) which, when exploited, could result in an escalation of p...
CTX117751
7/18/08
7/18/08
1,784
Cross-site scripting vulnerability in XenServer XenAPI HTTP Interfaces
Severity : Low
Description of Problem
A cross-site scripting vulnerability has been identified in XenServer’s XenAPI HTTP interfaces. When a specially constructed URL is sent to...
CTX117814
7/16/08
7/16/08
1,605
Vulnerability in Citrix Presentation Server could allow authenticated users to gain unauthorized access to a desktop session
Severity : Medium
Description of Problem
Citrix Presentation Server provides access control to both published applications and published desktops. Under specific circumstances,...
CTX116941
5/12/08
5/13/08
10,280
Vulnerability in Citrix Presentation Server could result in cryptographic settings not being correctly enforced
Severity : Medium
Description of Problem
The ICA protocol offers configurable encryption capabilities, known as SecureICA and ICA Basic encryption, that can be used to secure t...
CTX114893
5/12/08
5/12/08
5,172
Vulnerability in Access Gateway Standard Edition and Advanced Edition appliance firmware could result in authentication bypass
Severity : High
Description of Problem
A vulnerability exists in Access Gateway that, in certain configurations, could allow unauthenticated access to network resources.
...
CTX116930
5/9/08
5/9/08
4,538
Vulnerabilities in Access Gateway Advanced Edition could allow redirection to arbitrary web sites
Severity : Medium
Description of Problem
Vulnerabilities have been identified in Access Gateway Advanced Edition that may allow an attacker to redirect a user to an arbitrary w...
CTX113816
7/19/07
4/22/08
8,574
Vulnerabilities in Access Gateway Advanced Edition could result in information disclosure and session hijacking
Severity : Medium
Description of Problem
When using Access Gateway Advanced Edition, residual information left on the client device could allow an attacker to gain unauthorized...
CTX113814
7/19/07
4/22/08
10,703
Vulnerability in Citrix Presentation Server could result in unauthorized code execution
Severity : Medium
Description of Problem:
If an authorized user can be lured into invoking an ICA connection to Citrix Presentation Server, it may be possible for an attacker t...
CTX115245
11/14/07
3/28/08
11,516
Credential Handling Weakness in Presentation Server Client for Windows
Severity : Low
Description of Problem
Under some circumstances, the Citrix Presentation Server Client for Windows may leave residual credential information in the client proces...
CTX116227
3/10/08
3/10/08
5,839
Weakness in Citrix Presentation Server and Citrix Desktop Server installer could result in credentials being logged
Severity : Low
Description of Problem
Under specific circumstances, the installation process for Citrix Presentation Server 4.5 and Citrix Desktop Server 1.0 could result in da...
CTX116228
2/27/08
2/27/08
4,127
Vulnerability in Presentation Server's IMA Service could result in arbitrary code execution.
Severity : High
Description of Problem
The IMA service is used by Citrix Presentation Server for inter-sever and management communications. Sending a specifically crafted packe...
CTX114487
1/15/08
1/15/08
18,668
Cross-site scripting vulnerability in legacy versions of Citrix Web Interface
Severity : Medium
Description of Problem
A cross-site scripting vulnerability has been identified in the on-line help of legacy versions of Citrix Web Interface.
This vuln...
CTX115283
12/18/07
12/18/07
2,863
Weakness in Citrix EdgeSight for Endpoints and Citrix EdgeSight for Presentation Server could result in information disclosure
Severity : Low
Description of Problem
A weakness has been identified in Citrix EdgeSight for Presentation Server server and Citrix EdgeSight for Endpoints server. This weaknes...
CTX115281
12/4/07
12/4/07
2,344
Unrated
Vulnerability in the web-based Configuration Utility of NetScaler and Access Gateway Enterprise Edition
Description Citrix is releasing this Security Bulletin in response to recently published information relating to security issues affecting NetScaler and Access Gateway Enterprise Edition. Informa...
CTX115496
11/29/07
11/29/07
3,018
Unrated
Additional security guidance for Citrix Presentation Server deployments
Summary: Citrix is releasing this Security Bulletin in response to recently published information relating to security issues affecting some deployments of Citrix Presentation Server. Informatio...
CTX114938
10/19/07
10/19/07
8,362
Vulnerabilities in Access Gateway Standard and Advanced Edition could allow unauthorized configuration changes
Severity : Medium
Description of Problem
The Citrix Access Gateway appliance provides a web based administration console which can perform a limited set of administrative tasks...
CTX113817
7/19/07
7/19/07
9,532
Unrated
Vulnerabilities in Access Gateway Standard and Advanced Editions clients could result in arbitrary code execution
Severity : High
Description of Problem
The client components provided by Access Gateway Standard and Advanced Editions are subject to vulnerabilities that could allow an attack...
CTX113815
7/19/07
7/19/07
11,658
Vulnerabilities in Citrix Presentation Server's Program Neighborhood Agent could result in arbitrary code execution
Severity : High
Description of Problem
Citrix Program Neighborhood Agent can be installed on a client machine to access applications published on Citrix Presentation Server. If...
CTX113919
7/10/07
7/10/07
28,147
Vulnerability in Citrix Presentation Server's Session Reliability service could result in network security policy bypass
Severity : Medium Description of Problem The Session Reliability service is used by some Citrix products to improve user experience when connecting over unreliable networks. By sending a specific...
CTX112964
5/16/07
5/23/07
41,771
MetaFrame Password Manager "reveal password" policy bypass
Severity : Medium Description of Problem Citrix MetaFrame Password Manager allows administrators to control which users can view their own secondary passwords. Versions 2.5 and earlier allow users...
CTX105800
3/3/05
5/16/07
26,890
Vulnerability in Citrix Presentation Server Client for Windows could result in arbitrary code execution
Severity : High Description of Problem The Citrix Presentation Server Client for Windows includes support for making ICA connections through proxy servers. An implementation flaw in this functiona...
CTX112589
2/28/07
3/6/07
98,434
Vulnerability in Citrix Presentation Server's print provider could result in arbitrary code execution
Severity : High Description of Problem The Citrix print provider is used by Citrix Presentation Server to allow users to print to their local printer from published applications. A buffer overflow...
CTX111686
1/23/07
1/23/07
51,189
Vulnerability in Citrix Presentation Server Client for Windows could result in arbitrary code execution
Severity : High
Description of Problem
The Citrix Presentation Server Client provides an ActiveX component that can be used to integrate the client into Web pages. An implement...
CTX111827
12/4/06
12/6/06
29,784
Vulnerability in Access Gateway appliance may allow information disclosure
Severity : High
Description of Problem
When using Advanced Access Control with an Access Gateway appliance, unauthenticated remote users may be able to gain access to data on th...
CTX111695
11/14/06
11/14/06
14,848
Vulnerability in Advanced Access Control could result in policy bypass
Severity : Medium
Description of Problem
When using Advanced Access Control, users that login in a specific way may be able to gain access to resources in violation of configure...
CTX111614
11/14/06
11/14/06
11,468
Unrated
Vulnerability in Advanced Access Control could result in policy bypass when using the Browser-Only Access feature
Severity : Medium
Description of Problem
When using the Browser-Only access feature, Advanced Access Control may fail to enforce the correct policies on some resources. This cou...
CTX111615
11/14/06
11/14/06
9,026
Unrated
Vulnerabilities in Presentation Server's IMA Service could result in a Denial of Service or arbitrary code execution
Severity : High
Description of Problem
The IMA service is used by Citrix Presentation Server for inter-sever and management communications. Two separate vulnerabilities have bee...
CTX111186
11/8/06
11/8/06
45,313
1
2
Next >
Search
only this product
all Knowledge Center
Advanced Search
Products
XenApp
XenApp 5.0 for Windows Server 2008
XenApp 5.0 for Windows Server 2003
Presentation Server 4.5 and Components
Presentation Server 4.0 and Components
Presentation Server 4.0 for UNIX
XenApp for UNIX 4.0 with Feature Pack 1
XenApp Plugins (Clients)
Windows (32/64 Bit)
WinCE/Pocket PC
Macintosh
Java
EPOC/Symbian
UNIX
IBM OS/2
Windows (16 Bit)
DOS
XenServer
XenServer 5.0
XenServer 4.1
XenServer 4.0
XenServer 3.2
XenServer 3.1
XenDesktop
XenDesktop 2.1
XenDesktop 2.0
NetScaler Application Delivery
NetScaler Application Delivery Software 8.1
NetScaler Application Delivery Software 8.0
NetScaler Application Delivery Software 7.0
NetScaler Application Delivery Software 6.1
NetScaler Application Delivery Software 6.0
NetScaler Application Delivery Software 5.2
Access Gateway
Access Gateway 8.1 Enterprise Edition
Access Gateway 8.0 Enterprise Edition
Access Gateway 7.0 Enterprise Edition
Access Gateway 4.5 Advanced Edition
Access Gateway 4.5 Standard Edition
EdgeSight
EdgeSight for Endpoints 5.0
EdgeSight for XenApp 5.0
EdgeSight for Load Testing 2.7
EdgeSight for Load Testing 2.6
EdgeSight for Load Testing 2.5
EdgeSight for Endpoints 4.5
EdgeSight for Presentation Server 4.5
EdgeSight for Endpoints 4.2
EdgeSight for Presentation Server 4.2
EdgeSight for NetScaler 1.1
EdgeSight for NetScaler 1.0
Provisioning Server
Provisioning Server 5.0
Provisioning Server 4.5
Ardence 4.1
Ardence 3.x
WANScaler
WANScaler 4.x
WANScaler 3.x
WANScaler 2.x
WANScaler Client
Password Manager
Password Manager 4.6
Password Manager 4.5
Password Manager 4.1
>> View All Products
Knowledge Resources
Microsoft Updates
Licensing
Troubleshooting
What's New...
Knowledge Center FAQ
Tools
Please sign in to access your feeds, alerts and all other subscriptions.
Subscribe to Feed
Receive Security Alerts
addthis_url = location.href;
addthis_title = document.title;
addthis_pub = 'webservices';
addthis_brand = 'Knowledge Center';
addthis_options = 'google, live, facebook, furl, ask, stumbleupon, delicious, digg, reddit, more';
©1999-2008 Citrix Systems, Inc. All rights reserved.
Contact
Careers
Legal Notice
Privacy
Governance
Site Feedback
Site Map
var hasLoginError = false;
var hasAnchorFix = false;
var hasTwoColList = false;
var hasLoginVal = false;
var hasTableFix = false;
var hasTreeView = false;
var hasTabs = false;
var hasThickBox = false;
var hasRating = false;
var hasWatch = true;
var hasComments = false;
var hasBookmarking = false;
var hasOPRT = false;
var hasSearchHelp = false;
var hasLangSwitch = false;
var hasHoverTip = false;
var isFeedback = false;
var isGlobal = true;
var isGlobalNoNav = false;
var isSiteMap = false;
var isSearch = false;
var isAdvancedSearch = false;
var isForumSearch = false;
var isInternal = "false";
var isDocFeedback = false;
var isDocFeedbackArticle = false;
var isDocFeedbackHelp = false;
var isDocFeedbackPDF = false;
var isErrorPage = false;
var gaJsHost = (("https:" == document.location.protocol) ?
"https://ssl." : "http://www.");
document.write(unescape("%3Cscript src="http://support.citrix.com/latestsecurityall!execute.jspa/" + gaJsHost +
"google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
var pageTracker = _gat._getTracker("UA-1066095-1");
pageTracker._initData();
pageTracker._trackPageview();
var productTabEventTracker = pageTracker._createEventTracker('ProductTab');
/*
$(document).ready
setting up the login form submit button events
$("#submitbtn").click(function() {
validate($("#username"), $("#password"));
return status;
});
$("#resetbtn").click(function() {
tb_remove();
});
Added esc key functionality so user can escape the window
$(document).keyup( function(e){
var key = e.keyCode;
if(key == 27){
tb_remove();
}
});
$("#closebtnlogin").click(function() {
tb_remove();
return false;
});
set focus as soon as you open the login window
// setTimeout("try{document.getElementById('username').focus();}catch(error){}",100);
setTimeout('$("#username").focus();',100);
*/
/* NOTE: leaving inline, as IE has issues with post-load scripts */
if ($("#alerthistory").val() == "add") {
$("#alerttext").text("Add to your Hotfix Alerts");
}
if ($("#alerthistory").val() == "remove") {
$("#alerttext").text("Remove from your Hotfix Alerts");
}
/* if ($("#alerthistory").val() == "true") {
alert('doing reload');
// window.location.reload();
} */
$("#watchlink").attr("href", function() {
return $("#watchlink").attr("jswatchurl");
});
$("a#watchlink").click(function(){
var thiswatches = $("a#watchlink").text();
// $("#alerthistory").val("true");
if (thiswatches == 'Add to your Hotfix Alerts'){
$.post("http://support.citrix.com:80/profile/watch/add?url=/securitybulletins/", function(data){ });
$("#alerttext").ajaxComplete(function(){
$("#alerttext").text("Remove from your Hotfix Alerts");
$("#alerthistory").val("remove");
});
}
else {
$.post("http://support.citrix.com:80/profile/watch/remove?url=/securitybulletins/", function(data){ });
$("#alerttext").ajaxComplete(function(){
$("#alerttext").text("Add to your Hotfix Alerts");
$("#alerthistory").val("add");
});
}
return false;
});
if ($("#salerthistory").val() == "add") {
$("#secalerttext").text("Receive Security Alerts");
}
if ($("#salerthistory").val() == "remove") {
$("#secalerttext").text("Discontinue your Security Alerts");
}
$("#secalertlink").attr("href", function() {
return $("#secalertlink").attr("jswatchurl");
});
$("a#secalertlink").click(function(){
var secwatch = $("a#secalertlink").text();
if (secwatch == 'Receive Security Alerts'){
$.post("http://support.citrix.com:80/profile/watches/save?securityBulletin=on", function(data){ });
$("#secalerttext").ajaxComplete(function(){
$("#secalerttext").text("Discontinue your Security Alerts");
$("#salerthistory").val("remove");
});
}
else {
$.post("http://support.citrix.com:80/profile/watches/save", function(data){ });
$("#secalerttext").ajaxComplete(function(){
$("#secalerttext").text("Receive Security Alerts");
$("#salerthistory").val("add");
});
}
return false;
});
|
|
