Computer Security
[EN] securityvulns.ru no-pyccku


Citrix Access Gateway information leak
Published:23.10.2007
Source:
SecurityVulns ID:8283
Type:remote
Threat Level:
5/10
Description:HTTP session cookie is passed through HTTP GET request parameters, making it possible to leak it value thorugh Referer: field or in the browsing history.
Affected:CITRIX : Citrix Advanced Access Control 4.0
 CITRIX : Citrix Advanced Access Control 4.2
 CITRIX : Citrix Access Gateway 4.5
Original documentdocumentadvisories, Corsaire Security Advisory - Citrix Access Gateway session ID disclosure issue (23.10.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod