Vulnerability in Citrix Access Gateway Standard Edition 5.0 could result in unauthorized access to network resources

A vulnerability has been identified in Citrix Access Gateway Standard Edition that could allow an unauthenticated user to gain access to network resources.

This vulnerability has been assigned the following CVE number:

• CVE-2013-2263

This vulnerability affects all 5.0.x versions of the Citrix Access Gateway Standard Edition appliance firmware earlier than 5.0.4.223524.

Citrix Access Gateway Standard Edition versions 4.5.x and 4.6.x are not affected by this vulnerability.

What Customers Should Do

Citrix Access Gateway consolidation

The Citrix Access Gateway team is pleased to announce changes being made to simplify the product line and sales process. On September 17, 2012 the following changes were announced:

Products Discontinued

  • Access Gateway VPX (non-NetScaler code)
  • Access Gateway 2010
  • Access Gateway software editions 4.x and 5.x
  • Extended warranty option for Access Gateway MPX 5500

Name Change

  • Access Gateway MPX (formerly Access Gateway 5500)

New! Citrix Access Gateway VPX

Citrix has announced the new Access Gateway VPX virtual appliance based on NetScaler to replace the discontinued Access Gateway VPX.


Access Gateway licensing demystified

The Access Gateway discussed in this blog is the Access Gateway based on NetScaler, which is popularly referred to as Access Gateway Enterprise. Citrix has recently announced End of Life for all non-NetScaler-based Access Gateway platforms, which makes the Enterprise edition the de facto Access Gateway.

In this blog, Prashant Batra discusses the two license types used on your Access Gateway appliance, the two kinds of vServers you can set up to use these licenses to provide standard or advanced functionality, and, towards the end, an example scenario that illustrates these concepts.

License Types

Access Gateway is licensed at two levels:

  • Platform License
  • Universal License

Platform Licenses

Every Access Gateway (VPX/MPX) comes with a Platform license, which enables all the basic functionality in Access Gateway. After purchasing an appliance, this license is automatically made available in your MyCitrix account, and can be easily downloaded and installed on your appliance.

Platform licenses can be used to provide seamless access to:

  • ICAProxy access to XenApp / XenDesktop, using Web Interface
  • ICAProxy access to XenApp / XenDesktop, using StoreFront (CloudGateway Express)

Read the rest of Prashant Batra’s blog here on the Citrix blogs.

Security vulnerabilities in Citrix Access Gateway Standard Edition

Three security vulnerabilities have been identified in Access Gateway Standard Edition:

  • Directory traversal in Access Gateway Standard Edition 5.0.x prior to version 5.0.4 (critical severity)
  • Access Gateway Standard Edition 5.0.x can act as an open proxy (high severity)
  • Text content injection in Access Gateway Standard Edition 5.0.3 and 5.0.4 (low severity)

Access Gateway Standard Edition versions 4.5.x and 4.6.x and currently supported versions of NetScaler Access Gateway Enterprise Edition are not affected by these vulnerabilities.

What Customers Should Do

A patch for version 5.0.4 of the Access Gateway Standard Edition firmware has been released to address these vulnerabilities. Citrix strongly recommends that all customers using affected versions of Access Gateway Standard Edition apply this patch to their appliances as soon as possible. This patch can be found at the following location:

https://www.citrix.com/English/ss/downloads/results.asp?productID=15005&c1=pov2305020&c2=sot36239

What Citrix Is Doing

Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at http://support.citrix.com/.

Obtaining Support on This Issue

If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at http://www.citrix.com/site/ss/supportContacts.asp.

Reporting Security Vulnerabilities to Citrix

Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. If you would like to report a security issue to Citrix, please compose an e-mail to secure@citrix.com stating the exact version of the product in which the vulnerability was found and the steps needed to reproduce the vulnerability.

Read the original KB article here.

Mac OS X 10.8 (Mountain Lion) Access Gateway VPN client fails

Summary

This document contains information on issues that are reported when using Citrix Access Gateway VPN Client with Mac OS X 10.8 (Mountain Lion). An attempt to connect to a VPN tunnel fails and possibly crashes the machine.

Cause

The Access Gateway VPN Client (all versions) is currently not supported with Mac OS X 10.8 Mountain Lion.

Resolution

Citrix recommends uninstalling the plug-in. At this time, there is no workaround for the Access Gateway VPN Clients when using Mac OS X 10.8 Mountain Lion.

Status

Citrix is currently investigating this issue.

Read the original post here at the Citrix Knowledgebase.