Application Firewall Defeats Internet Criminal Attacks

Defenses Against 16 Classes of Application Vulnerabilities

Citrix Application Firewall employs a positive security model to protect against attacks exploiting any one of the 16 classes of application vulnerabilities. Without complete 16-out-of-16 protection, applications are exposed to unnecessary risks.

  1. Buffer Overflow Exploits: A common type of input validation attack that overflows a buffer with excessive data. If the attack succeeds, the hacker can run a remote shell on the machine and gain the same system privileges granted to the application being attacked.
  2. CGI‑BIN Parameter Manipulation: An input validation attack that illegally modifies data that is passed to a server-side script. Without proper validation of query parameters passed to CGI scripts, a hacker can gain unauthorized system privileges allowing him to modify files, run commands, and execute other operations.
  3. Form/Hidden Field Manipulation: Modifying the contents of a hidden field in an attempt to trick the application into accepting invalid data.
  4. Forceful Browsing: Accessing unauthorized and unadvertised URLs to reach the root directory of a web server, or other areas which should be off limits.
  5. Cookie/Session Poisoning: Reverse engineering weak cookies to steal a user’s session or impersonate a legitimate user of an application.
  6. Broken ACLs/Weak Passwords: Circumventing an application’s access control system by requesting resources to which the user should not have access.
  7. Cross‑Site Scripting (XSS): Attacking the trust relationship between a user and a web application. Tricking the user or the user’s browser into sending an attacker confidential information that can be used to steal that user’s identity.
  8. Command Injection: Inserting system commands in program variables, such as form fields, that are inadvertently executed on the server.
  9. SQL Injection: An input validation attack that sends SQL commands to web applications, which are then passed to a back‑end database. If the attack succeeds, the hacker can gain access to a sensitive information store.
  10. Error Triggering Sensitive Information Leaks: Feeding malformed, illegitimate data to an application with the goal of generating errors and gaining sensitive information about the application environment.
  11. Insecure Use of Crypto: Exploiting an application’s use of a weak cryptographic algorithm in digitally signing cookies.
  12. Server Misconfiguration: Exploiting server misconfigurations, including the failure to fully lock down or harden the web server, disable default accounts and services, or remove unnecessary functionality.
  13. Back Doors and Debug Options: Exploiting application back doors or debug code on production systems.
  14. Web Site Defacement: Malicious modification of web pages.
  15. Well-known Platform Vulnerabilities: Exploiting unpatched vulnerabilities of web servers or operating systems to gain unauthorized access to an application.
  16. Zero-Day Exploits: Exploiting a vulnerability before it is announced publicly and before vendor‑developed patches, signatures, or other fixes are available.
Capital Network Solutions, Inc. (CNS) located in Sacramento, California is a premier network services and consulting company. Capital Network Solutions, Inc. has supported hundreds of clients in the technology arena. Our network and consulting services are designed to help you achieve a higher level of security, efficiency, reliability and productivity.