APP: Citrix Access Gateway Command Injection

This signature detects attempts to exploit a known command injection vulnerability in Citrix Access Gateway. In a successful code injection attack, the behavior of the target host is entirely dependent on the intended function of the injected code and executes within the security context of the server.

Extended Description

Citrix Access Gateway is prone to a command-injection vulnerability. An attacker can exploit this vulnerability to inject and execute arbitrary commands with superuser privileges. The following products are vulnerable: Access Gateway 4.5 Advanced Edition Access Gateway 4.5 Standard Edition Access Gateway 4.6 Advanced Edition Access Gateway 4.6 Standard Edition Access Gateway 8.0 Enterprise Edition Access Gateway 8.1 Enterprise Edition Access Gateway 9.0 Enterprise Edition Access Gateway 9.1 Enterprise Edition Access Gateway 9.2 Enterprise Edition Access Gateway VPX 4.6

Affected Products

Citrix access_gateway_enterprise_edition

Short Name
APP:CITRIX:AG-CMD-INJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Access CVE-2010-4566 Citrix Command Gateway Injection bid:45402
Release Date
05/04/2011
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Citrix

CVSS Score

9.3

Found a potential security threat?