Posts

CitrixOnline Go-To-xxxx and HeartBleed

As a follow up to my earlier post, Citrix has now released an official statement regarding their online services portfolio. The following products have been tested and confirmed safe from the Heartbleed bug. Read more

Citrix and HeartBleed

There was a major vulnerability being dubbed “HeartBleed” disclosed to the world last Monday. This vulnerability affects the popular cryptographic software library OpenSSL used in many Linux/Unix OSs. This vulnerability, If exploited, could allow an attacker to interact with these secure servers causing them to disclose the contents of their memory, in chunks. These memory chunks could possibly contain private SSL keys, user data, passwords, or other sensitive information. There is no restriction on how many times or which chunks could be ask for, and is just limited to 64k at a time. In addition, an attack of this nature would more than likely not trigger any normal alerts or alarms within those systems. Read more