[THIN] Citrix Webinterface -heartbleed
- From: Alan Tropper <alan.tropper@xxxxxxxxxxxx>
- To: "thin@xxxxxxxxxxxxx" <thin@xxxxxxxxxxxxx>
- Date: Mon, 9 Jun 2014 01:17:13 +0000
Hi All,
Our security team are concerned about heartbleed with the citrix webinterface
server, however Im not so sure there is a vulnerability there, after reading
the below I don't think web interface is affected, can anyone out there confirm?
Quote:
(http://support.citrix.com/article/CTX140876%20%3Chttp://support.citrix.com/article/CTX140876%3E)
"Citrix Web Interface: Web Interface makes use of the TLS functionality
provided by the underlying web server. Citrix customers are advised to verify
that any deployed web servers used to host Web Interface are not vulnerable to
these issues. Web Interface can also use a built-in TLS library to make
outgoing TLS connections, this library is not vulnerable to these CVEs".
Thanks
Al
Alan Tropper
Service Delivery & Support | INPEX
Level 22 100 St Georges Tce | PERTH Western Australia 6000
T + 61 8 6213 6777 | F + 61 8 6213 6455 |
Alan.Tropper@xxxxxxxxxxxx<mailto:Alan.Tropper@xxxxxxxxxxxx>
The contents of this e-mail, including any attachments are the property of
INPEX, are intended for use by the ordinary user of the e-mail address to which
it was addressed and may also be privileged. If you are not the addressee of
this e-mail you may not copy, forward, disclose or otherwise use it or any part
of it in any form whatsoever. If you have received this e-mail in error please
e-mail the sender by replying to this message. Emails sent or received may be
monitored to ensure compliance with the law, regulation and/or INPEX policies.
Other related posts:
