Two Vulnerabilities In Presentation Server's IMA Service
Friday, 10 November 2006 by Michel Roth
Two vulnerabilities have been reported in Presentation Server. All versions from XP and up are affected. These vulnerabilities in the IMA Service could result in a Denial of Service or arbitrary code execution. Two separate vulnerabilities have been reported in this service:

Sending a specifically crafted packet could result in an internal buffer being overflowed. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Citrix MetaFrame Presentation Server. Authentication is not required to exploit this vulnerability.

By constructing a specific packet, it is possible to cause the IMA service to reference an unmapped memory address. This causes an unhandled exception, which in turn causes the service to exit, resulting in a DoS condition.

Read the entire Citrix advisory here.

Related Items:

Arbitrary Code Execution Vulnerability in IMA (16 January 2008)
Security Updates Summary For May 2006 (9 May 2006)
Domain Name System (DNS) Protocol Denial Of Service Vulnerability (24 May 2005)
Citrix Metaframe XP Unspecified Buffer Overflow Vulnerability (23 December 2004)
Microsoft Windows IPv6 Remote Denial Of Service Vulnerability (18 May 2005)
VMware ESX Server Multiple Vulnerabilities (5 April 2007)
McAfee Antivirus Products LHA Archive Stack Overflow Vulnerability (18 March 2005)
Citrix Presentation Server And MetaFrame Print Provider Buffer Overflow Vulnerability (24 January 2007)
Microsoft Updates For April (13 April 2005)
November's Hotfix: Microsoft Security Bulletin MS05-053 (10 November 2005)
Comments (0)add feed
Show/Hide comment formtoggle
password
 

busy