This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote Windows host has an ActiveX control that is affected by
The Citrix Access Gateway ActiveX control for Citrix Access Gateway
Enterprise Edition is installed on the remote Windows host. It is the
ActiveX component of the Citrix Access Gateway Plug-in for Windows and
provides an SSL-based VPN via a web browser.
The installed version of this control is affected by the following
vulnerabilities that could lead to arbitrary code execution :
- The control loads a dynamic link library (DLL) when
  processing HTTP header data from the Access Gateway
  server without properly ensuring that the DLL has a
  valid signature. (ZDI 928)
- The control copies HTTP header data from the Access
  Gateway server into a fixed-size stack buffer without
  verifying the size of the data, which could result in
  a buffer overflow. (ZDI 929)
Solution :
Either set the kill bit for the control or upgrade to Citrix Access
Gateway Enterprise Edition 8.1-67.7 / 9.0-70.5 / 9.1-96.4 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true