Citrix Access Gateway With Advanced Access Control Vulnerabilities
Wednesday, 15 November 2006 by Michel Roth
Three vulnerabilities have been reported with the Citrix Access Gateway when deployed with Advanced Access Control:

Vulnerability in Access Gateway appliance may allow information disclosure
When using Advanced Access Control with an Access Gateway appliance, unauthenticated remote users may be able to gain access to data on the Access Gateway appliance. The information disclosed could potentially lead to a compromise of the appliance.

This vulnerability affects the following products:
• Access Gateway 4.5 Advanced Edition
• Access Gateway 4.2 with Advanced Access Control 4.2 (currently known as Access Gateway 4.2 Advanced Edition)

When deployed with:
• Access Gateway appliance 4.2
• Access Gateway appliance 4.2.1
• Access Gateway appliance 4.2.2

Access Gateway appliances deployed without Advanced Access Control are not vulnerable to this issue.


Vulnerability in Advanced Access Control could result in policy bypass when using the Browser-Only Access feature
When using the Browser-Only Access feature, Advanced Access Control may fail to enforce the correct policies on some resources. This could result in users being able to gain access to resources in violation of configured policies.

This vulnerability is present in:
• Access Gateway 4.2 with Advanced Access Control 4.2 (currently known as Access Gateway 4.2 Advanced Edition)
• Advanced Access Control Option 4.0 (previously Access Gateway Enterprise 4.0)

Access Gateway Standard Edition and Access Gateway Enterprise Edition are not vulnerable to this issue.


Vulnerability in Advanced Access Control could result in policy bypass
When using Advanced Access Control, users who log in in a specific way may be able to gain access to resources in violation of configured policies.

This vulnerability is present in:
• Access Gateway 4.2 with Advanced Access Control 4.2 (currently known as Access Gateway 4.2 Advanced Edition)
• Advanced Access Control Option 4.0 (previously Access Gateway Enterprise 4.0)

Access Gateway Standard Edition and Access Gateway Enterprise Edition are not vulnerable to this issue.
