Showing posts from 2014

Worse than HeartBleed? CVE-2014-6271

CVE-2014-6271Overview GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.

CVSS Severity (version 2.0):
CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/Au:N/C:C/I:C/A:C) (legend)
Impact Subscore: 10.0Exploitability Subscore: 10.0
CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

Information taken from:…

Citrix XenApp - Automate Discovery

I am in the process of building out a new XenApp environment for a customer, and was thinking... "It would be so nice to automate the 'Configure and run discovery' settings". So how do you accomplish this? I know my service desk would appreciate it!

The answer is a custom "MMC". Below are the steps to accomplish this.

Part 1: Create the custom MMCOpen up a 32bit MMC console (universally will work better and create less stress)On 32 bit OS run "mmc"On 64 bit OS run "mmc /32"

 Click File > Add/Remove Snap-in...

 Select the console you are going to push out to your users and add it to the "Selected snap-ins"(In my case it is going to be AppCenter)

 Right Click on "XenApp"Select "Configure and run discovery"

 Select the "Skip this screen in the future" boxClick Next

 Click on AddFor the server, I am going to pick my two XenApp ControllersDepending on your setup, and where you are publishing this, you wil…

The group policy service failed the logon. Access is denied.

This morning, I had a brand new user log into a Citrix XenApp 6.0 environment. When launching applications, they received the following error message.
"The group policy service failed the logon. Access is denied."
Quick and easy fix for this one is to delete the users profile. User can now log in and launch applications. Issue resolved!

NetScaler - Gateway vServer- Dropping packets from a specific Source

NetScaler - Gateway vServer- Dropping packets from a specific Source While talking with a citrixirc colleague, the question was brought up... "Is there a way to block 1 client from a vserver at the NetScaler level?"
The answer is "Yes". I am sure there are multiple ways to do this. I personally would use a "Responder Policy".
If you want to learn more about Citrix Responder Policies you can check out
Setting up a Responder Policy to drop a clientOpen up the GUI and go to "NetScaler Gateway > Virtual Servers"Open the vServer you would like to add the Responder Policy too.Click on the "Policies" tabThen click on the Responder buttonClick on Insert Policy at the bottomThen click on "New Policy..."
Create the following Responder PolicyName: rpol-%youpickaname%You can use which ever naming convention you would l…