Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0356

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-0356
Last Modified 07 Mar 2011 10:04:22
Published 18 Jan 2008 05:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0356

Summary

Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513.

Vulnerable Systems

Application

  • Citrix Access Essentials 2.0

  • Citrix Desktop Server 1.0

  • Citrix Metaframe Presentation Server 4.5

  • Citrix Presentation Server


References

CERT-VN - VU#412228

CONFIRM - http://support.citrix.com/article/CTX114487

MISC - http://zerodayinitiative.com/advisories/ZDI-08-002.html

VUPEN - ADV-2008-0172

SECUNIA - 28508

SECTRACK - 1019231

BID - 27329

BUGTRAQ - 20080117 ZDI-08-002: Citrix Presentation Server IMA Service Heap Overflow Vulnerability


Last Updated: 27 May 2016 10:46:46