Vulnerabilities > CVE-2010-4566 - Unspecified vulnerability in Citrix Access Gateway
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and earlier, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows attackers to execute arbitrary commands via shell metacharacters in the password field.
Vulnerable Configurations
Exploit-Db
description Citrix Access Gateway - Command Injection Vulnerability. CVE-2010-4566. Remote exploit for linux platform id EDB-ID:15806 last seen 2016-02-01 modified 2010-12-22 published 2010-12-22 reporter George D. Gal source https://www.exploit-db.com/download/15806/ title Citrix Access Gateway - Command Injection Vulnerability description Citrix Access Gateway Command Execution. CVE-2010-4566. Remote exploit for linux platform file exploits/linux/remote/16916.rb id EDB-ID:16916 last seen 2016-02-02 modified 2011-03-03 platform linux port published 2011-03-03 reporter metasploit source https://www.exploit-db.com/download/16916/ title Citrix Access Gateway - Command Execution type remote
Metasploit
| description | The Citrix Access Gateway provides support for multiple authentication types. When utilizing the external legacy NTLM authentication module known as ntlm_authenticator the Access Gateway spawns the Samba 'samedit' command line utility to verify a user's identity and password. By embedding shell metacharacters in the web authentication form it is possible to execute arbitrary commands on the Access Gateway. |
| id | MSF:EXPLOIT/UNIX/WEBAPP/CITRIX_ACCESS_GATEWAY_EXEC |
| last seen | 2020-06-14 |
| modified | 2017-07-24 |
| published | 2011-03-03 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/unix/webapp/citrix_access_gateway_exec.rb |
| title | Citrix Access Gateway Command Execution |
Packetstorm
data source https://packetstormsecurity.com/files/download/96880/VSR-2010-12-21.txt id PACKETSTORM:96880 last seen 2016-12-05 published 2010-12-21 reporter George D. Gal source https://packetstormsecurity.com/files/96880/Citrix-Access-Gateway-Command-Injection.html title Citrix Access Gateway Command Injection data source https://packetstormsecurity.com/files/download/98909/citrix_access_gateway_exec.rb.txt id PACKETSTORM:98909 last seen 2016-12-05 published 2011-03-04 reporter George D. Gal source https://packetstormsecurity.com/files/98909/Citrix-Access-Gateway-Command-Execution.html title Citrix Access Gateway Command Execution
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:20307 |
| last seen | 2017-11-19 |
| modified | 2010-12-22 |
| published | 2010-12-22 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-20307 |
| title | Citrix Access Gateway Command Injection Vulnerability |