Back to search
CVE-2010-4566
Published: Jan 14, 2011
Modified: Aug 7, 2024
PUBLISHED
Description
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and earlier, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows attackers to execute arbitrary commands via shell metacharacters in the password field.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1024893
vdb-entry
x_refsource_SECTRACK
http://www.vsecurity.com/resources/advisory/20101221-1
x_refsource_MISC
http://support.citrix.com/article/CTX127613
x_refsource_CONFIRM
8119
third-party-advisory
x_refsource_SREASON
70099
vdb-entry
x_refsource_OSVDB
16916
exploit
x_refsource_EXPLOIT-DB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now