Citrix

 

Register / Login Home    Forums    Presentation Server 4.0    Latest Posts    Latest News    PSP

 Citrix Site Navigation

 Citrix Home

 Citrix Forums

 Citrix Latest Posts

 Citrix Latest Citrix News

 Citrix Presentation Server 4.5

  Citrix Presentation Server 4.5 Guides

  Citrix PS 4.5 White Papers

  Citrix PS 4.5 Hotfixes

  Citrix PS 4.5 My Experiences

 Citrix Presentation Server 4

  Citrix Installing / Configuring

  Citrix Citrix Guides

  Citrix Citrix Tips

  Citrix Citrix White Papers

  Citrix Hotfixes

  Citrix My Personal Experiences

 Citrix Misc

  Citrix Citrix Web Interface

  Citrix Pre Presentation Server 4.0

  Citrix Citrix Security Bulletins
  Citrix Citrix Client
  Citrix Citrix cca
  Citrix Citrix Printing

  Citrix ICA File
  Citrix Citrix RSS Feeds

  Citrix Contact Us

  Citrix Signup Citrix Newsletter

 
 
 Citrix Site Partners

  Citrix Citrix
  Citrix PSP
  Citrix Xbox

  Citrix Flex Developers
  Citrix Travel In Europe
  Citrix Online Hotel Reservations
  Citrix News of software
  Citrix Resources
  Citrix Linkdiy
  Citrix Web Site Development
  Citrix Fix computer problem
  Citrix Fix slow computer
  Citrix Stop Snoring

  Citrix Citrix Tips


Welcome to Citrix Guide. I hope you find our citrix articles useful

 

 Vulnerability in Citrix Presentation Server Client for Windows could result in arbitr
 Citrix Guide Forums > Technical Library > Citrix Security Bulletins
  #1 (permalink)  
Old 05-04-2007, 02:44 PM  Vulnerability in Citrix Presentation Server Client for Windows could result in arbitr

citrix citrix is offline

Administrator

  
Join Date: May 2006
Posts: 305

Submit Article To > Submit to Digg Submit to Reddit Submit to Furl Submit to Del.icio.us Submit to Jeqq Submit to Spurl

Vulnerability in Citrix Presentation Server Client for Windows could result in arbitr
Severity: High
Description of Problem
The Citrix Presentation Server Client for Windows includes support for making ICA connections through proxy servers. An implementation flaw in this functionality may allow an attacker to execute arbitrary code in the context of the client process.
This vulnerability could potentially be exploited by any malicious Web site visited by the user. This vulnerability is likely to be exploitable in most client deployments.
This vulnerability is present in versions 9.230 and earlier of the Citrix Presentation Server Client for Windows.
What Customers Should Do
This vulnerability has been addressed in the Citrix Presentation Server Client for Windows version 10.0 and later. Citrix strongly recommends that customers upgrade their Citrix Presentation Server Client for Windows to version 10.0 and later. These upgrades can be obtained from the following location:
http://www.citrix.com/English/SS/downloads/downloads.asp?dID=2755
To accommodate customers who are unable to immediately move to Citrix Presentation Server Client for Windows version 10.0, a limited release version of the older client containing a fix for this issue is also available. This version of the client (9.237) will provide a temporary work-around until version 10.0 can be deployed. Please refer to the following Knowledge Base article for further information:
http://support.citrix.com/article/CTX112669
Acknowledgements
Citrix thanks Karl Lynn of Juniper Networks for reporting this issue and working with us to protect customers.
What Citrix Is Doing
Citrix is proactively notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Base at http://support.citrix.com/.
Obtaining Support on this Issue
If you require technical assistance with this issue, please contact Citrix Technical Support. Information for contacting Citrix Technical Support is available at http://support.citrix.com/.
Reporting Security Vulnerabilities to Citrix
Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities very seriously. If you would like to report a security issue to Citrix, please compose an e-mail to secure@citrix.com containing the exact version of the product in which the vulnerability was found and the steps needed to reproduce the vulnerability.

Source
__________________
PSP
>> Vulnerability in Citrix Presentation Server Client for Windows could result in arbitr Reply With Quote
Reply

Vulnerability in Citrix Presentation Server Client for Windows could result in arbitr « Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT. The time now is 08:02 PM.


Powered by vBulletin Version 3.6.0
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0 RC8


GamesAdda - HealthNews - Cheat Zone - Simple Directory - PSP Forum - PSP News - PSP Downloads - Computing Tips - Contact Us - Citrix Guide - Archive - Top

Citrixguide.com is not endorsed by or affiliated with Citrix Systems, Inc. or any of it’s subsidiaries. Installing/Configuring Citrix ::
Citrix Guides :: Citrix Tips/Advanced Concepts :: Citrix White Papers :: Citrix Hotfixes :: Citrix My Experiences :: Citrix Forums