Computer Security
[EN] no-pyccku

Citrix NetScaler weak cryptography
SecurityVulns ID:8379
Threat Level:
Description:Username/password are stored as a part of cookie with encryption (XORing with reused key), making it's possible to discover parts of the password.
Affected:CITRIX : NetScaler 8.0
CVE:CVE-2007-6037 (Cross-site scripting (XSS) vulnerability in ws/ in Citrix NetScaler 8.0 build 47.8 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter and other unspecified parameters.)
Original documentdocumentnnposter_(at)_disclosed.not, Citrix NetScaler Web Management Cookie Weakness (26.11.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod