You are here

U-161: Citrix Provisioning Services Unspecified Flaw Lets Remote Users Execute Arbitrary Code

May 3, 2012 - 7:00am

Addthis

PROBLEM:

Citrix Provisioning Services Unspecified Flaw Lets Remote Users Execute Arbitrary Code

PLATFORM:

6.1 and prior

ABSTRACT:

A vulnerability was reported in Citrix Provisioning Services. A remote user can execute arbitrary code on the target system.

reference LINKS:

SecurityTracker Alert ID: 1027004
Secunia Advisory SA48971
Citrix advisory

IMPACT ASSESSMENT:

Medium

Discussion:

A remote user can send a specially crafted packet to trigger an unspecified flaw and execute arbitrary code on the target system. The code will run with the privileges of the target service.

Impact:

A remote user can execute arbitrary code on the target system.

Solution:

The vendor has issued a hotfix 6.1, 6.0, 5.6 SP3.

Addthis