Jump to content
Welcome to our new Citrix community!

CVE-2019-19781 - Have I been compromised?


Recommended Posts

But note, that the script will tell you you´re compromised, if you changed the nsroot or rpc password.

 

**********************************************************************
MATCH: blacklisted content '/etc/passwd'
Found evidence of potential compromise.                               
You should consider performing a forensic investigation of the system.
**********************************************************************
 

I got thoses warning on all Netscalers and the took a fresh VPX (.63), imported it without any external connection, changed only the nsroot password and got the same warning. 

 

Link to comment
Share on other sites

  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...