Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Citrix Vulnerability

Published: 2007-01-25
Last Updated: 2007-01-26 20:02:45 UTC
by Pedro Bueno (Version: 1)
0 comment(s)
This is for Citrix users: Time to Patch!
Another vulnerability was disclosed that affects the Citrix presentation plataform.
This one, discovered by the ZeroDayInitiative is a buffer overflow vulnerability and received the CVE ID of CVE-2007-0444 (not much info there) and affects the Citrix Presentation  Server 4.0, Metaframe XP 1.0 and  Metaframe Presentation  Server 3.0.
If sucessfuly exploited, an attacker will be able to run code as System.
Exploit for this vulnerability is available, so I really recommend the usual test and patch procedure!
Citrix has information about this vulnerability and the proper measures to take.

Update:

Here you can find more info regarding this CVE number.
Keywords:
0 comment(s)
Diary Archives