Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2299

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-2299
Last Modified 07 Mar 2011 10:08:58
Published 18 May 2008 10:20:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2299

Summary

Unspecified vulnerability in SecureICA and ICA Basic encryption of Citrix Presentation Server 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 can cause clients to use weaker encryption settings than configured by the administrator, which might allow attackers to bypass intended restrictions.

Vulnerable Systems

Application

  • Citrix Access Essentials 2.0

  • Citrix Desktop Server 1.0

  • Citrix Presentation Server 4.5


References

SECTRACK - 1020026

CONFIRM - http://support.citrix.com/article/CTX114893

XF - citrix-presentationserver-ica-weak-security(42444)

VUPEN - ADV-2008-1531

BID - 29233

SECUNIA - 30271


Last Updated: 27 May 2016 10:47:48