Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6267

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2007-6267
Last Modified 07 Mar 2011 10:02:18
Published 07 Dec 2007 06:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-6267

Summary

Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 and 4.5 for Endpoints, and EdgeSight for NetScaler 1.0 and 1.1 do not properly store database credentials in configuration files, which allows local users to obtain sensitive information.

Vulnerable Systems

Application

  • Citrix Edgesight For Endpoints 4.2

  • Citrix Edgesight For Endpoints 4.5

  • Citrix Edgesight For Netscaler 1.0

  • Citrix Edgesight For Netscaler 1.1

  • Citrix Edgesight For Presentation Server 4.2

  • Citrix Edgesight For Presentation Server 4.5


References

BID - 26705

CONFIRM - http://support.citrix.com/article/CTX115281

VUPEN - ADV-2007-4091

SECUNIA - 27935

XF - edgesight-configuration-file-info-disclosure(38861)

SECTRACK - 1019050


Last Updated: 27 May 2016 10:46:26