Security Researcher Warns About Citrix Vulnerability
Thomas Claburn writes on InformationWeek:
A security consultancy has identified a vulnerability that could allow an attacker to gain "user access level on integrated remote Citrix servers."More here.
GnuCitizen, which identifies itself as a "cutting-edge think tank" and a "creative hacker organization," has posted a warning about a cross-site request forgery attack that can be made in conjunction with a malicious Web site to trick a Citrix user into opening a specially crafted Citrix independent computer architecture (ICA) file that would compromise his or her system.
If successful, the attacker could gain the ability to execute remote commands at the victim's access level.
posted by Fergie @ 10/10/2007 02:58:00 PM
0 Comments:
Post a Comment
<< Home