This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
The remote Windows host has an ActiveX control that is affected by
multiple buffer overflow vulnerabilities.
The Citrix Access Gateway ActiveX control for Citrix Access Gateway
Enterprise Edition is installed on the remote Windows host. It is the
ActiveX component of the Citrix Access Gateway Plug-in for Windows and
provides an SSL-based VPN via a web browser.
The installed version of this control (nsepa.exe) is affected by the
following vulnerabilities involving the 'StartEPA()' method that could
lead to arbitrary code execution :
- A boundary error exists that can be exploited to cause
a heap-based buffer overflow when processing overly
long 'CSEC' HTTP response headers. (CVE-2011-2592)
- An integer overflow exists that can be exploited to
cause a heap-based buffer overflow when processing
specially crafted 'Content-Length' HTTP response
See also :
Update to version 9.3-57.5 / 10.0-69.4 or set the kill bit for the
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false