微点交流论坛

标题: Citrix EdgeSight文件配置泄漏信息 [打印本页]

作者: pioneer 时间: 2007-12-12 09:10 标题: Citrix EdgeSight文件配置泄漏信息

来源

secunia.com

软件名

Citrix EdgeSight 3.x
Citrix EdgeSight 4.x
Citrix EdgeSight for NetScaler 1.x

描述

这可被恶意的当前用户泄漏敏感信息
数据库认证配置文件在不安全模式下被保存了。

该漏洞影响了以下版本
* Citrix EdgeSight for Endpoints
* Citrix EdgeSight for Presentation Server
* Citrix EdgeSight for NetScaler

解决方案

厂商建议用户更新或升级到以下版本
* Citrix EdgeSight for Presentation Server 4.5
Update to Service Pack 2:
http://support.citrix.com/article/CTX115526

* Citrix EdgeSight for Endpoints 4.5
Update to Service Pack 2::
http://support.citrix.com/article/CTX115527

* Citrix EdgeSight for Presentation Server 4.2
Update to Service Pack 4:
http://support.citrix.com/article/CTX111075

* Citrix EdgeSight for Endpoints 4.2
Update to Service Pack 4:
http://support.citrix.com/article/CTX111076
NetScaler Citrix EdgeSight的用户使用Security Support Provider Interface (SSPI)授权来配置产品。请联系厂商以获得更多信息

欢迎光临微点交流论坛 (http://bbs.micropoint.com.cn/)

bbs.micropoint.com.cn