Intrusion Prevention

Citrix.MetaFrame.IMA.Authentication.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer overflow vulnerability in Citrix MetaFrame Presentation Server.
The vulnerability is caused by an error that occurs when the vulnerable software handles an authentication packet. It allows a remote attacker to execute arbitrary code via invalid size values in the authentication packet.

Affected Products

Citrix MetaFrame XP 1.0 for Windows 2000 Server
Citrix MetaFrame XP 1.0 for Windows Server 2003
Citrix MetaFrame Presentation Server 3.0 for Windows 2000 Server
Citrix MetaFrame Presentation Server 3.0 for Windows Server 2003
Citrix Presentation Server 4.0 for Windows 2000 Server
Citrix Presentation Server 4.0 for Windows Server 2003
Citrix Presentation Server 4.0 for Windows Server 2003 x64 Editions

Impact

System compromise.

Recommended Actions

Apply patches :
http://support.citrix.com/article/CTX111186

CVE References

CVE-2006-5821