Access Gateway 5.0 Standard Edition – Maintenance Release 5.0.4 (Patch_1_284097)

On July 31st Citrix announced Security Vulnerabilities in Citrix Access Gateway Standard Edition with a Critical severity.

The following description was given to further explain the vulnerabilities:
Three security vulnerabilities have been identified in Access Gateway Standard Edition:

  • Directory traversal in Access Gateway Standard Edition 5.0.x prior to version 5.0.4 (critical severity)
  • Access Gateway Standard Edition 5.0.x can act as an open proxy (high severity)
  • Text content injection in Access Gateway Standard Edition 5.0.3 and 5.0.4 (low severity)

 

Access Gateway Standard Edition versions 4.5.x and 4.6.x and currently supported versions of NetScaler Access Gateway Enterprise Edition are not affected by these vulnerabilities.
 

 

You are strongly adviced to install the related patch, which can be found at: http://support.citrix.com/article/CTX134257 on the affected appliances (both physical on the 2010 model and virtual on the VPX).

 

Esther Barthel
Senior Consultant at PepperByte

Esther has been working in different roles and functions as an IT consultant ever since she finished her Masters degree in Computer Science in 1997. She has worked as a web developer, database administrator, and server administrator until she discovered how Server-Based Computing ( SBC ) combined servers, desktops, and user experience in one solution. Esther has been specializing in virtualization solutions such as SBC, VDI, application, and server virtualization for over eight years now and is currently working as a Senior Consultant at PepperByte, where she designs and implements Citrix® solutions for both small-business and large-enterprise infrastructures scaling from 100 to 15,000 users.
In january 2014 her first book Citrix XenApp 6.5 Expert Cookbook was published by Packt Publishing.

Esther is awarded as a Citrix Technology Professional (CTP) from 2015 - 2017.
Esther is awarded as a Microsoft Most Valuable Professional (MVP) in 2017.

Esther is a Citrix Certified Expert – Virtualization (CCE-V), Citrix Certified Professional – Mobility (CCP-M), Citrix Certified Professional – Networking (CCP-N) and RES Software Certified Professional (RCP).

2 thoughts on “Access Gateway 5.0 Standard Edition – Maintenance Release 5.0.4 (Patch_1_284097)

  1. Pingback: virtuEs.IT

  2. Pingback: Kees Baggerman