The cat's pretty much out of the bag on how to exploit this. Expect widespread exploitation attempts for CVE-2019-19781 at this point.
Despite being almost a month old, there is NO PATCH from @citrix at this point. Only a (very important) mitigation.
kb.cert.org/vuls/id/619785/
@citrix You don't need to run a working exploit to know if a system is vulnerable or not, though. Simply visit:
CITRIXGATEWAY/vpns/cfg/smb.conf
in your web browser or script or whatever.
If you get a file, the system is vulnerable.
If you get a 403, it has had mitigations applied.
@citrix Also, FreeBSD 8.4 was EOL'd years ago. And even FreeBSD v. current doesn't even have ASLR enabled (not that it'd matter in this particular case).

And this is something you're exposing directly to the Internet?

YOLO!
@citrix Note that Citrix has updated support.citrix.com/article/CTX267… since its initial release. Two notable changes:
1) Citrix SD-WAN WANOP has been added to affected products.
2) Citrix ADC Release 12.1 builds before 51.16/51.19 and 50.31 have bugs that make the mitigations not work. Whoops!
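
The check described in the thread, as an added example that is not part of the original tweets: it requests `/vpns/cfg/smb.conf` from an appliance you administer and classifies the response as the thread describes (file returned means vulnerable, 403 means mitigations applied). The `[global]` body test and the function names are assumptions introduced here to avoid counting a catch-all 200 page as "got a file".

```python
"""Classify the response to the /vpns/cfg/smb.conf check from the thread."""
import ssl
import sys
import urllib.error
import urllib.request

CHECK_PATH = "/vpns/cfg/smb.conf"  # path given in the thread


def classify(status, body):
    """Map an HTTP status and body to the outcomes the thread describes."""
    if status == 403:
        return "mitigated"
    # Assumption (not from the thread): a real smb.conf contains a [global]
    # section, which separates "got the file" from a catch-all 200 page.
    if status == 200 and "[global]" in body:
        return "vulnerable"
    return "inconclusive"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # report a redirect as its own status; do not follow it


def check_gateway(host, timeout=10.0):
    """Request the check path from one appliance you administer."""
    ctx = ssl.create_default_context()
    opener = urllib.request.build_opener(
        urllib.request.HTTPSHandler(context=ctx), _NoRedirect)
    try:
        with opener.open(f"https://{host}{CHECK_PATH}", timeout=timeout) as resp:
            return classify(resp.status, resp.read(4096).decode("latin-1"))
    except urllib.error.HTTPError as err:
        return classify(err.code, "")
    except (urllib.error.URLError, OSError) as err:
        return f"unreachable ({err})"


if __name__ == "__main__":
    # Usage: python check.py gateway1.example.internal gateway2.example.internal
    for host in sys.argv[1:]:
        print(host, check_gateway(host))
```

An "inconclusive" result (a redirect, a 404, or a 200 without the expected content) needs manual follow-up rather than being read as safe.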
Keep Current with Will Dormann