T-589: Citrix XenApp and Citrix Presentation Server Bug

March 28, 2011 - 3:05pm

PROBLEM:
Citrix XenApp and Citrix Presentation Server Bug in ActiveSync Lets Remote Users Execute Arbitrary Code.

PLATFORM:

Citrix Presentation Server 4.5 and Citrix XenApp 5

ABSTRACT:
A vulnerability was reported in Citrix XenApp (Presentation Server). A remote user can execute arbitrary code on the target system.

--------------------------------------------------------------------------------

LINKS:

DOE-CIRC BULLETIN:
http://www.doecirc.energy.gov/bulletins/t-589.shtml

OTHER LINKS:
Citrix Document: CTX128366
SecurityTracker Alert ID: 1025254
Citrix Support
Technical Support Downloads

--------------------------------------------------------------------------------

IMPACT ASSESSMENT:
High

--------------------------------------------------------------------------------

Discussion:
The ActiveSync feature provides users with the ability to remotely synchronize PDA devices with published applications such as Microsoft Outlook. When a specially crafted packet is sent to a vulnerable server, the ActiveSync service terminates unexpectedly.

Impact:
This vulnerability affects Citrix Presentation Server version 4.5 and Citrix XenApp 5 for Windows Server 2003. The affected service is enabled by default on these platforms.

Access to port 28875 on the Presentation Server or XenApp server would be needed to trigger the vulnerability.

Solution:
A hotfix has been released to address this issue. Citrix recommends that affected customers install this hotfix, which can be downloaded from the following locations:
Citrix Presentation Server 4.5 with Feature Pack/XenApp 5 for Windows Server 2003 x86
Citrix Presentation Server 4.5 with Feature Pack/XenApp 5 for Windows Server 2003 x64
Citrix Access Essentials 2.0
