Message-ID: <550AF57C.7050202@securify.nl>
Date: Thu, 19 Mar 2015 17:12:44 +0100
From: "Securify B.V." <lists@...urify.nl>
To: fulldisclosure@...lists.org
Subject: [FD] Citrix Command Center allows downloading of configuration files
------------------------------------------------------------------------
Citrix Command Center allows downloading of configuration files
------------------------------------------------------------------------
Han Sahin, August 2014
------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
It was discovered that Citrix Command Center stores configuration files
containing credentials of managed devices within a folder accessible
through the web server. Unauthenticated attackers can download any
configuration file stored in this folder, decode passwords stored in
these files, and gain privileged access to devices managed by Command
Center.
------------------------------------------------------------------------
Tested version
------------------------------------------------------------------------
This issue was discovered in Citrix Command Center 5.1 build 33.3
(with patch CC_SP_5.2_40_1.exe applied); other versions may also be
vulnerable.
------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
Citrix reports that this vulnerability is fixed in Command Center 5.2
build 42.7, which can be downloaded from the following location (login
required).
https://www.citrix.com/downloads/command-center/product-software/command-center-52-427.html
Citrix assigned BUG0493933 to this issue.
------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://www.securify.nl/advisory/SFY20140802/citrix_command_center_allows_downloading_of_configuration_files.html
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/