In association with heise online

« previous | next »
19 September 2006, 09:58

Citrix patches critical hole in Access Gateway

A vulnerability in Citrix Access Gateway opens a hole for attackers to log in without proper registration information and hence to achieve unauthorised access to applications or resources. Citrix Access Gateway is an SSL-VPN solution for connecting mobile and remote users.

According to the manufacturer, the problem arises in the interaction between the Advanced Access Control (AAC) and the LDAP authentication. Citrix declined to provide more details on the problem, but did classify it as critical. The flaw does not arise in situations where AAC is implemented without LDAP. AAC 4.2 is affected, although a hot fix is available to correct the problem.

See also:

(ehe)

« previous | next »
Print Version | Send by email | Permalink: http://h-online.com/-731520

Also on The H:

  • Share this article
  • Twitter
  • Facebook
  • digg this
  • submit to slashdot
  • post to delicious
  • StumbleUpon
  • submit to reddit
The H Open Headlines

Price Insight Top 10 powered by Skinflint

  1. Samsung Galaxy S2 i9100 16GB schwarz
  2. Crucial m4 SSD 128GB
  3. Intel Core i5-2500K
  4. TeamGroup Elite DIMM Kit 8GB PC3-10667U CL9-9-9-24 (DDR3-1333)
  5. Intel Core i7-2600K
  6. ASUS EAH6870 DC/2DI2S/1GD5
  7. ASRock Z68 Pro3
  8. Samsung Galaxy S Plus i9001 schwarz 8GB
  9. Samsung EcoGreen F4 2000GB
  10. Samsung Galaxy S i9000 schwarz 8GB

The H

The H open source

The H Security

The H Internet Toolkit