EUVD-2008-6790

Malware in sbrugna...

Design/Logic Flaw

The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does not properly terminate a user's web interface session, which allows attackers with access to the same browser instance to gain access to the user's Web Interface session. NOTE: the attacker must also...

CVE-2008-6830

CVE-2008-6830 affects Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers. The disconnection feature does not properly terminate a user Web Interface session, enabling an attacker with access to the same browser instance and valid credentials to gain access to that user’s Web Interfac...

CVE-2008-6830

The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does not properly terminate a user's web interface session, which allows attackers with access to the same browser instance to gain access to the user's Web Interface session. NOTE: the attacker must also...

Citrix Web接口安全绕过漏洞

BUGTRAQ ID: 31943 CNCAN ID：CNCAN-2008102902 Java Application Servers的Citrix web接口存在漏洞，可导致断开进程未能正确终止用户的WEB接口会话。这允许其他验证用户使用相同浏览器实例获得对已经存在WEB接口会话的未授权访问 此漏洞值影响WEB接口5.0和5.0.1，Java Application Servers的旧版本web接口和所有针对Microsoft IIS的WEB接口版本不受此漏洞影响。 Citrix Web Interface 5.0.1 Citrix Web Interface 5.0 Citrix...