Computer Security
[EN] no-pyccku

Citrix Access Gateway information leak
SecurityVulns ID:8283
Threat Level:
Description:HTTP session cookie is passed through HTTP GET request parameters, making it possible to leak it value thorugh Referer: field or in the browsing history.
Affected:CITRIX : Citrix Advanced Access Control 4.0
 CITRIX : Citrix Advanced Access Control 4.2
 CITRIX : Citrix Access Gateway 4.5
Original documentdocumentadvisories, Corsaire Security Advisory - Citrix Access Gateway session ID disclosure issue (23.10.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod