DDIVRT-2008-16 Citrix Broadcast Server 6.0 login.asp SQL Injection --- Update for BID 32832 Dec 23 2008 03:01PM
VulnerabilityResearch ddifrontline com


DDIVRT-2008-16 Citrix Broadcast Server 6.0 login.asp SQL Injection




Date Discovered


October 14, 2008

Discovered By


Digital Defense, Inc. Vulnerability Research Team

Credit: Corey LeBleu and r@b13$

Vulnerability Description


The Citrix Broadcast Server administrative login page is vulnerable to trivial SQL injections via the txtUID HTTP POST parameter. An attacker could leverage this flaw to obtain unauthorized access to the web interface or to extract data from the database via blind SQL injection.

Solution Description


Citrix has released a patch for this flaw as described in Document ID CTX119315. Digital Defense, Inc. would like that thank Citrix for quickly addressing this security vulnerability.

Tested Systems / Software (with versions)


Windows 2003 with Citrix BCS 6.0 for Citrix Access Gateway. Other versions of the Citrix BCS may be vulnerable. According to Citrix Document ID CTX119315, the Avaya AG250 Broadcast Server 2.0 is also vulnerable to this flaw.

Vendor Contact


Citrix Systems, Inc.


secure (at) citrix (dot) com [email concealed]

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus