BugZero | Citrix NetScaler BugID NSHELP-38416 - NetScaler now raises an SNMP trap for a SYN flood ...

Citrix NetScaler - Defect ID: NSHELP-38416

NetScaler now raises an SNMP trap for a SYN flood attack when it detects more than 100 SYN-ACK retransmissions within 1 second. Previously, traps were raised for RNAT and wildcard servers without considering the 1-second threshold.

Citrix NetScaler - Defect ID: NSHELP-38416

NetScaler now raises an SNMP trap for a SYN flood attack when it detects more than 100 SYN-ACK retransmissions within 1 second. Previously, traps were raised for RNAT and wildcard servers without considering the 1-second threshold.

Last updated on April 29th, 2026

BugZero Risk Score
0.0 Coming soon

Overall: N/A

Severity: N/A

Community: N/A

Lifecycle: N/A

What is the BugZero Risk Score?

Citrix NetScaler Integration

Learn more about where this data comes from

Citrix NetScaler Integration

Learn more

BugZero Plan

Streamline upgrades with automated vendor bug scrubs

BugZero Plan

Learn more

BugZero Prevent

Wish you caught this bug sooner? Get proactive today.

BugZero Prevent

Learn more

Bug Details

Status: Fixed

Description

The vendor has published 1 unique mention(s) for this bug: 1. NetScaler now raises an SNMP trap for a SYN flood attack when it detects more than 100 SYN-ACK retransmissions within 1 second. Previously, traps were raised for RNAT and wildcard servers without considering the 1-second threshold. Modules: 1. System Latest urls for this bug: 1. https://docs.netscaler.com/en-us/updates?product=NetScaler%20ADC%20%28includes%20NetScaler%20Gateway%29&version=13.1&build=57.26 2. https://docs.netscaler.com/en-us/updates?product=NetScaler%20ADC%20%28includes%20NetScaler%20Gateway%29&version=14.1&build=43.56

Change history

2026-04-29 Added: 13.1 Build 57.26, 14.1 Build 43.56

2026-04-29 Removed: Build 13.1-57.26, Build 14.1-43.56

2025-07-16 Removed: Build 14.1-43.50

2025-07-16 Added: Build 13.1-57.26, Build 14.1-43.50, Build 14.1-43.56

Top Citrix NetScaler Defects

Defect ID: NSHELP-41484
NetScaler might generate the lsof_<hostname> file each time you create a support bundle. However, the system fails to remove these files immediately after the generation process is complete.
Defect ID: NSHELP-42609
The NetScaler packet engine might crash due to a defect in backend TLS 1.3 connection state handling during teardown. On NetScaler SDX platforms with multiple instances, a crash in one instance can also affect other instances sharing the same crypto hardware.
Defect ID: NSHELP-41518
Client requests might fail if HTTP/2 header values contain space characters. These spaces can trigger header frame processing errors, particularly when the client sends improperly formatted header values.
Defect ID: NSBASE-19568
When the server-side TCP window reaches a 2 GB limit, the gRPC hold logic incorrectly opens the TCP window twice for held bytes, resulting in a zero window advertisement. This issue also includes incorrect accounting of chunk header and trailer bytes before they are passed to the application handler, affecting TCP window management and data transmission.
Defect ID: NSHELP-42103
Pitboss logs might sometimes flood ns.log when the SSLVPN or IC feature is enabled and cache memory is set to 492 MB, specifically when the number of NetScaler packet engines is 4 or 5.

Ready to prevent the next vendor outage?

Get a demo

Citrix NetScaler - Defect ID: NSHELP-38416

NetScaler now raises an SNMP trap for a SYN flood attack when it detects more than 100 SYN-ACK retransmissions within 1 second. Previously, traps were raised for RNAT and wildcard servers without considering the 1-second threshold.

Citrix NetScaler - Defect ID: NSHELP-38416

NetScaler now raises an SNMP trap for a SYN flood attack when it detects more than 100 SYN-ACK retransmissions within 1 second. Previously, traps were raised for RNAT and wildcard servers without considering the 1-second threshold.

Last updated on April 29th, 2026

BugZero Risk Score0.0 Coming soon

Bug Details

Links

Top Citrix NetScaler Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
0.0 Coming soon