Intrusion Prevention

Citrix.XenCenterWeb.Input.Validation

Description

This indicates an attack attempt against multiple input validation vulnerabilities in Citrix XenCenterWeb.
The vulnerabilities are caused by the user input filter's failure to properly sanitize parameter values that are passed to scripts such as "console.php", "edituser.php", "changepw.php" and "hardstopvm.php", among others. They may allow an attacker to execute arbitrary code, steal cookie-based authentication credentials, access or modify data, or exploit vulnerabilities in the underlying database.

Affected Products

Citrix XenCenterWeb

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Information Spoofing: Remote attackers can spoof the data of vulnerable systems.

Recommended Actions

XenCenterWeb is an SDK demonstration program that is no longer available and is not supported. It should not be used where security is an issue.

CVE References

CVE-2009-3760