Citrix Licensing Administration Console Security Bypass And Denial Of Service Vulnerabilities Network Vulnerability

Summary

This host is installed with Citrix Licensing Administration Console and is prone to security bypass and denial of service vulnerabilities.

Impact

Successful exploitation could allow remote attackers to bypass certain security restrictions and cause denial-of-service condition. Impact Level: Application

Solution

Upgrade to Citrix Licensing Administration Console 11.10 or later. For updates refer to http://www.citrix.com/downloads.html

Insight

The flaws are caused by errors in a third-party component that is used by the administration console, which could allow an attacker to cause a denial of service or gain unauthorized access to some license administration functionality by tricking an administrator into visiting a malicious web site.

Affected

Citrix Licensing Administration Console 11.6 and Prior.

References

http://secunia.com/advisories/43459
http://support.citrix.com/article/CTX128167
http://www.securitytracker.com/id?1025123
http://www.vupen.com/english/advisories/2011/0477

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1101
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
Adobe ColdFusion Multiple Path Disclosure Vulnerabilities
Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
Apache Solr XML External Entity(XXE) Vulnerability-01 Jan-14

Take action and discover your vulnerabilities