Citrix Presentation Server And MetaFrame Print Provider Buffer Overflow Vulnerability
Thursday, 25 January 2007 by Michel Roth
A vulnerability has been identified in Citrix Presentation Server and Citrix MetaFrame XP, which could be exploited by local or remote attackers to cause a denial of service or take complete control of an affected system. This issue is due to a buffer overflow error in the client print provider (CPPROV.DLL) that fails to properly handle malformed requests, which could be exploited by malicious local users to obtain elevated privileges via a malformed API call, or by remote unauthenticated attackers to execute arbitrary commands with SYSTEM privileges via a specially crafted RPC request.

Affected Products
Citrix Presentation Server version 4.0 and prior
Citrix MetaFrame Presentation Server version 3.0 and prior
Citrix MetaFrame XP version 1.0 and prior

There's a hotfix out for every affected version. Get it from CTX111686.

Related Items:

McAfee Antivirus Products LHA Archive Stack Overflow Vulnerability (18 March 2005)
Citrix MetaFrame Insecure Default Registry Key Permissions (19 July 2006)
Domain Name System (DNS) Protocol Denial Of Service Vulnerability (24 May 2005)
Citrix ICA Client ActiveX Control Heap Overflow Vulnerability (6 December 2006)
Security Updates Summary For May 2006 (9 May 2006)
Two Vulnerabilities In Presentation Server's IMA Service (9 November 2006)
Citrix Program Neighborhood Agent Two Vulnerabilities (26 April 2005)
VMware ESX Server Multiple Vulnerabilities (5 April 2007)
Wyse Winterm 1125SE IP Option Length Denial of Service (12 August 2005)
J2SE Java Web Start Client-Side Argument Injection Vulnerability (21 March 2005)
Comments (0)add feed
Show/Hide comment formtoggle
password
 

busy