Citrix Access Gateway 不明细节安全绕过漏洞
Citrix Access Gateway 不明细节安全绕过漏洞
发布日期:2013-03-05
更新日期:2013-03-07
受影响系统:
Citrix Access Gateway 4.5.5
Citrix Access Gateway 4.2
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 58317
CVE(CAN) ID: CVE-2013-2263
Citrix Access Gateway是提供安全远程访问虚拟桌面和应用的SSL VPN。
Citrix Access Gateway 5.0.4.223524之前版本在实现上存在不明细节漏洞,可导致未授权访问网络资源。
<*来源:Ben Williams
链接:http://secunia.com/advisories/52479/
http://support.citrix.com/article/CTX136623
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Citrix
------
Citrix已经为此发布了一个安全公告(CTX136623)以及相应补丁:
CTX136623:Vulnerability in Citrix Access Gateway Standard Edition 5.0 Could Result in Unauthorized Access to Network Resources
链接:http://support.citrix.com/article/CTX136623
补丁下载:http://www.citrix.com/downloads/netscaler-access-gateway/product-software/access-gateway-504.html
评论暂时关闭