2 matches found
CVE-2007-6192
The CVE-2007-6192 entry describes an information disclosure vulnerability in the Citrix NetScaler Web Management Interface (NetScaler 8.0 build 47.8). The issue arises from using weak encryption to protect cookie contents by XORing sensitive values (including credentials) with a fixed key stream,...
CVE-2007-6192
The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption XOR of unpadded data to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack...