Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3134

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3134
Last Modified 10 Sep 2008 03:45:34
Published 04 Oct 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3134

Summary

Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName).

Vulnerable Systems

Application

  • Citrix Metaframe 3.0

  • Citrix Metaframe 4.0


References

BID - 14989

MISC - http://www.grupoitpro.com.ar/ctxpoliciesbypass.txt

CONFIRM - http://support.citrix.com/kb/entry!default.jspa?categoryID=275&externalID=CTX107705

SECUNIA - 17032

BUGTRAQ - 20050930 Citrix Metaframe Presentation Server bypassing policies

SECTRACK - 1014994

SREASON - 39


Last Updated: 27 May 2016 10:40:48