The Citrix Access Gateway provides support for multiple authentication types. When utilizing the external legacy NTLM authentication module known as ntlm_authenticator the Access Gateway spawns the Samba 'samedit' command line utility to verify a user's identity and password. By embedding shell metacharacters in the web authentication form it is possible to execute arbitrary commands on the Access Gateway.
67ee0d90c122f14d2d05bf0be45df498f4d30d47f4fb4d085869433a4c230eb3Citrix Access Gateway Command Injection Enterprise Edition up to 9.2-49.8 and Standard and Advanced Editions prior to 5.0 suffer from a remote command injection vulnerability.
cc70050cfc786f1a1df78cc3270117077f714bea62b7947328a95fd0f7ef906a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed