#VU85436 Buffer overflow in Citrix Netscaler ADC and Citrix NetScaler Gateway
Vulnerability identifier: #VU85436
Vulnerability risk: High
CVSSv3.1: 7.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-119
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Citrix Netscaler ADC
Client/Desktop applications /
Software for system administration
Citrix NetScaler Gateway
Server applications /
Application servers
Vendor:
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error. A remote attacker can send specially crated packets to the system, trigger memory corruption and perform a denial of service (DoS) attack.
Successful exploitation of this vulnerability requires that the device is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAAvirtualserver.
Note, the vulnerability is being actively exploited in the wild.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
External links
http://support.citrix.com/article/CTX584986
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
