Error: “HTTP 404 Not Found” When Accessing StoreFront Through NetScaler Gateway

  • Verify that the StoreFront resolves the base URL to itself by pinging base URL from the StoreFront command line. If it does not resolve to the base URL then make an entry in the host file on StoreFront so that the base URL resolves to itself.

    You can also check to see if the page loads from the storefront server it’s self. If you copy the Receiver for Web URL, and change the domain to local host, it should load a storefront page. It will look similar to this http://127.0.0.1/Citrix/StoreWeb

    If you still get 404 after testing reachability on the storefront server it’s self, it is recommended to bring in a Storefront engineer for further troubleshooting.

  • Related:

    • No Related Posts

    Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability

    A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition.

    This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP).

    Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.

    Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK

    This advisory is part of the February 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: February 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

    Security Impact Rating: High

    CVE: CVE-2021-1230

    Related:

    • No Related Posts

    Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability

    A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service (DoS) condition.

    The vulnerability is due to improper error handling on established SSL/TLS connections. An attacker could exploit this vulnerability by establishing an SSL/TLS connection with the affected device and then sending a malicious SSL/TLS message within that connection. A successful exploit could allow the attacker to cause the device to reload.

    Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy

    Security Impact Rating: High

    CVE: CVE-2020-27124

    Related:

    • No Related Posts

    How to create responder policy allow/block a set of ip's

    • We need to first create a data set under AppExpert>Dataset
    • We need to put all the IP that we want to block/allow

    User-added image

    • After creating the data set create the following responder policy

    CLIENT.IP.SRC.TYPECAST_TEXT_T.CONTAINS_ANY(“data_set”)

    In the above expression I have called the data set in the expression

    For subnet range the policy will be as follows:

    CLIENT.IP.SRC.IN_SUBNET(x.x.x.x/32)

    Now if we want to evaluate single Ip and subnet we need to create the following expression:

    CLIENT.IP.SRC.TYPECAST_TEXT_T.CONTAINS_ANY(“data_set”) && CLIENT.IP.SRC.IN_SUBNET(x.x.x.x/32)

    >You can use other subnets using && operator. Take assistance of expression editor to configure the policy.

    >And create a action (in this case I am creating a action as redirect)

    User-added image

    >Bind the responder to the virtual server

    Since the above expression is true for ip 1.1.1.1 you will get redirected to https://citrix.com

    Related:

    • No Related Posts

    Cisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service Vulnerability

    A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.

    The vulnerability is due to incomplete input validation of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this specific, valid BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause one of the BGP-related routing applications to restart multiple times, leading to a system-level restart.

    Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.

    Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-nlri-dos-458rG2OQ

    This advisory is part of the August 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes seven Cisco Security Advisories that describe seven vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: August 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

    Security Impact Rating: High

    CVE: CVE-2020-3397

    Related:

    Cisco NX-OS Software Border Gateway Protocol Multicast VPN Session Denial of Service Vulnerability

    A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down.

    The vulnerability is due to incorrect parsing of a specific type of BGP MVPN update message. An attacker could exploit this vulnerability by sending this BGP MVPN update message to a targeted device. A successful exploit could allow the attacker to cause the BGP peer connections to reset, which could lead to BGP route instability and impact traffic. The incoming BGP MVPN update message is valid but is parsed incorrectly by the NX-OS device, which could send a corrupted BGP update to the configured BGP peer. 

    Note: The Cisco implementation of BGP accepts incoming BGP traffic from only explicitly configured peers. To exploit this vulnerability, an attacker must send a specific BGP MVPN update message over an established TCP connection that appears to come from a trusted BGP peer. To do so, the attacker must obtain information about the BGP peers in the trusted network of the affected system.

    Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxosbgp-mvpn-dos-K8kbCrJp

    This advisory is part of the August 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes seven Cisco Security Advisories that describe seven vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: August 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

    Security Impact Rating: High

    CVE: CVE-2020-3398

    Related: