CVE-2006-4846

Severity

51%

Complexity

49%

Confidentiality

106%

Successful exploitation requires that the Advanced Access Control option is set to use LDAP authentication. This vulnerability is addressed by hotfix AAC420W004.

Unspecified vulnerability in Citrix Access Gateway with Advanced Access Control (AAC) 4.2 before 20060914, when AAC is configured to use LDAP authentication, allows remote attackers to bypass authentication via unknown vectors.

Successful exploitation requires that the Advanced Access Control option is set to use LDAP authentication. This vulnerability is addressed by hotfix AAC420W004.

CVSS 2.0 Base Score 5.1. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P).

Overview

First reported 18 years ago

2006-09-19 01:07:00

Last updated 7 years ago

2017-07-20 01:33:00

Affected Software

Citrix Access Gateway 4.2

4.2

References

21941

Patch, Vendor Advisory

1016874

Patch

http://support.citrix.com/article/CTX110439

Patch

http://support.citrix.com/article/CTX110950

Patch

VU#658620

US Government Resource

28938

20066

Patch

ADV-2006-3643

citrix-acc-ldap-auth-bypass(28990)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.