[THIN] Vulnerability in Citrix Secure Gateway could result in Denial of Service

• From: Carl Stalhood <cstalhood@xxxxxxxxx>
• To: thin@xxxxxxxxxxxxx
• Date: Thu, 18 Jun 2009 09:25:40 -0500

From http://support.citrix.com/article/CTX121172*:
*

*Description of Problem *

A vulnerability has been identified in Citrix Secure Gateway that could
result in a denial of service.

When a specific request is made to the Secure Gateway service from a remote
attacker, the Secure Gateway service can be made to consume 100% of the
available CPU and may refuse further connections.

This vulnerability is present in all versions of Citrix Secure Gateway up to
and including version 3.1.

Please note that the Citrix Access Gateway appliance is not affected by this
vulnerability when configured to act as a Citrix Secure Gateway.

*What Customers Should Do*

A hotfix has been released to address this issue. Citrix recommends that
customers using Secure Gateway install this hotfix, which can be downloaded
from the following locations:

*Citrix Secure Gateway 3.1*:

EN - *http://support.citrix.com/article/CTX121012*

JA - *http://support.citrix.com/article/CTX121013*

• Follow-Ups:
  • [THIN] Re: Vulnerability in Citrix Secure Gateway could result in Denial ofService
    • From: alan tropper

Other related posts:

• » [THIN] Vulnerability in Citrix Secure Gateway could result in Denial of Service - Carl Stalhood

1. Home
2. thin
3. Archive
4. 06-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---