[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [FD] Citrix Linux client logs session credentials
From:       Russell Howe <russellghowe () gmail ! com>
Date:       2023-01-14 21:02:36
Message-ID: CAFZyPGRXhsAAAvf26EpoWw+cX=edQ5W+XwpP12d4kL3hvA6Nhw () mail ! gmail ! com
[Download RAW message or body]

The Citrix Linux client emits its session credentials when starting a
Citrix session. These credentials end up being recorded in the client's
system log.

Citrix do not consider this to be a security vulnerability.

Writeup here:
https://github.com/rhowe/disclosures/tree/main/citrix-linux-client-cred-leak

Write
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic