MetaFrame XP Presentation Server and MetaFrame 1.8 have a flaw that allows an administrator account to mount any client drive available in any user's Citrix session.
34f23f9738b94f17232372cad784b2bf785946c38d216b82724c99af44ef901a-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
============================================================
cqure.net Security Vulnerability Report
No: cqure.net.20040430.citrixmetaframe
============================================================
Vulnerability Summary
- -------------------
Severity: Low
Threat: An administrator can access all of the Citrix user's
client drives
Products:
MetaFrame XP Presentation Server for Windows 1.0
MetaFrame 1.8
Platforms: All
Solution: Apply vendor supplied patches
Vulnerability Description
- -----------------------
It is possible for an administrator to mount any client
drive available in any user's Citrix session.
The drive has to be mounted on the client (local or network
drive) but does not need to be mounted inside the Citrix
session. Access to the drives is granted as the user running
the Citrix client.
Solution
- ------
Apply the patches outlined in the Citrix advisory;
http://support.citrix.com/kb/entry.jspa?entryID=4289
&categoryID=118
Additional Information
- --------------------
It should be noted that administrative access to the
Citrix Server is required to achieve this particular attack.
There are of course other approaches to achieving the same end
result even with the patch applied to the system being the
local administrator.
This advisory is available at http://www.cqure.net
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
iQA/AwUBQJIIqk8V4IWk13ufEQI13QCg63MqunM28K7RpaJ82ntcrHQXK7QAn2OI
cqJHSX86VQnG/eKx6t+S5YgC
=aZ8r
-----END PGP SIGNATURE-----
--
Patrik Karlsson, patrik@cqure.net
http://www.cqure.net
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed