Vulnerabilities > CVE-2006-4846 - Authentication Bypass vulnerability in Citrix Access Gateway 4.2
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Unspecified vulnerability in Citrix Access Gateway with Advanced Access Control (AAC) 4.2 before 20060914, when AAC is configured to use LDAP authentication, allows remote attackers to bypass authentication via unknown vectors. Successful exploitation requires that the Advanced Access Control option is set to use LDAP authentication. This vulnerability is addressed by hotfix AAC420W004.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://secunia.com/advisories/21941
- http://securitytracker.com/id?1016874
- http://support.citrix.com/article/CTX110439
- http://support.citrix.com/article/CTX110950
- http://www.kb.cert.org/vuls/id/658620
- http://www.osvdb.org/28938
- http://www.securityfocus.com/bid/20066
- http://www.vupen.com/english/advisories/2006/3643
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28990