We are failing the Mcafee-Qualys PCI scan on Windows 2008R2 server running Citrix Secure Gateway 3.3.2 and Citix Web Interface 18.104.22.168 on the same server. The PCI scan is failing and is being flagged for the 3 vulnerabilities. I need to resolve these. Any help is greatly appreciated.
1.QID 12034: Microsoft ASP.NET Custom Errors Found Turned Off.
2. QID 86400: Web Server Reveals Absolute Path
3. QID 90780: Microsoft ASP.NET ValidateRequest Filters Bypass Cross-Site Scripting Vulnerability