Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0908


Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0908
Last Modified 05 Sep 2008 04:25:12
Published 21 Nov 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).

Vulnerable Systems


  • Citrix Metaframe 1.8


XF - win-terminal-spoof-address(7538)

BID - 3566

BUGTRAQ - 20011121 CITRIX & Microsoft Windows Terminal Services False IP Address Vulnerability

Last Updated: 27 May 2016 10:36:26