NetScaler Web Management Cookie Cipher Weakness Network Vulnerability

Summary

The remote web server is prone to an information disclosure attack. Description : The version of the Citrix NetScaler web management interface on the remote host uses weak encryption for protecting the HTTP cookie content by XORing sensitive values, including the username and password, with a fixed key stream.

Solution

Do not stay logged into the NetScaler web management interface while browsing other web sites.

References

http://www.securityfocus.com/archive/1/484182/100/0/threaded

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-6192
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

IBM WebSphere Application Server IVT Cross Site Scripting Vulnerability
CommuniGate Pro Web Mail URI Parsing HTML Injection Vulnerability
IBM WebSphere Application Server JNDI information disclosure Vulnerability
IBM WebSphere Application Server Cross-Site Request Forgery Vulnerability
Cherokee Directory Traversal Vulnerability

NetScaler web management cookie cipher weakness

Take action and discover your vulnerabilities