Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Citrix Vulnerability - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Citrix Vulnerability
This is for Citrix users: Time to Patch!
Another vulnerability was disclosed that affects the Citrix presentation plataform.
This one, discovered by the ZeroDayInitiative is a buffer overflow vulnerability and received the CVE ID of CVE-2007-0444 (not much info there) and affects the Citrix Presentation  Server 4.0, Metaframe XP 1.0 and  Metaframe Presentation  Server 3.0.
If sucessfuly exploited, an attacker will be able to run code as System.
Exploit for this vulnerability is available, so I really recommend the usual test and patch procedure!
Citrix has information about this vulnerability and the proper measures to take.

Update:

Here you can find more info regarding this CVE number.
Pedro

155 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!