In association with heise online

15 May 2008, 17:50

Vulnerabilities in Citrix Presentation Server and Access Gateway

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Citrix warns that its Access Gateway may allow unauthorized users to have access to network components. In addition, Citrix has also discovered flaws in its Presentation Server that reduce the effectiveness of the server's encryption and allow users a desktop session without proper authorization.

Presentation Server may not provide sufficient encryption when SecureICA or ICA Basic is used as the encryption protocol, although SSL and TLS encryption still work. However, the Citrix advisories do not provide any further details of the flaws. The vendor merely mentions which versions are vulnerable and provides links to software updates. The Access Gateway only has a vulnerability in the Standard and Advanced Edition – the Enterprise Edition is not affected. The company advises users of the software to install the provided updates as soon as possible.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit