The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Citrix Presentation Server

computer vulnerability bulletin 11648

Citrix XenApp, Presentation Server: denial of service via Branch Repeater

Synthesis of the vulnerability

A remote attacker can connect through Branch Repeater, in order to generate a fatal error in wdica.sys, which stops Citrix XenApp.
Impacted products: Citrix Presentation Server, XenApp.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: intranet client.
Creation date: 23/05/2012.
Identifiers: BID-53663, CTX133159, VIGILANCE-VUL-11648.

Description of the vulnerability

The Branch Repeater service is used to optimize network access.

Citrix products install the wdica.sys driver (Independent Computing Architecture WinStation Driver) which processes client-server exchanges.

A remote attacker can connect through Branch Repeater, in order to generate a fatal error in wdica.sys, which stops Citrix XenApp.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert 11146

Citrix Presentation Server Client: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in Citrix Presentation Server.
Impacted products: Citrix Presentation Server, XenApp.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 4.
Creation date: 09/11/2011.
Identifiers: CTX114893, CTX116228, CTX116310, CTX116941, VIGILANCE-VUL-11146.

Description of the vulnerability

Several vulnerabilities were announced in Citrix Presentation Server.

ICA connections can use SecureICA and ICA Basic encryption levels weaker than the ones defined by the administrator. [severity:1/4; CTX114893]

When MSI Logging is enabled, authentication credential are logged. [severity:1/4; CTX116228]

On Windows, a local attacker can elevate his privileges. [severity:2/4; CTX116310]

An authenticated attacker can access to a desktop, even if he is not allowed. [severity:2/4; CTX116941]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note 11129

Citrix Presentation Server Client: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in Citrix Presentation Server Client for Windows.
Impacted products: Citrix Presentation Server, XenApp.
Severity: 2/4.
Consequences: user access/rights, data reading.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 07/11/2011.
Identifiers: CTX111827, CTX112589, CTX116227, VIGILANCE-VUL-11129.

Description of the vulnerability

Several vulnerabilities were announced in Citrix Presentation Server Client for Windows.

A vulnerability of the Citrix Presentation Server Client for Windows ActiveX can be used by a remote attacker to execute code. [severity:2/4; CTX111827]

A vulnerability of ICA connections of Citrix Presentation Server Client for Windows can be used by an attacker to execute code. [severity:2/4; CTX112589]

The memory of the Citrix Presentation Server Client for Windows process contains sensitive information. [severity:1/4; CTX116227]
Full Vigil@nce bulletin... (Free trial)

vulnerability note 10874

Citrix XenApp, XenDesktop: code execution via XML Service

Synthesis of the vulnerability

An attacker can send a malicious query to Citrix XML Service, in order to execute code.
Impacted products: Citrix Presentation Server, XenApp, XenDesktop.
Severity: 3/4.
Consequences: privileged access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 27/07/2011.
Revision date: 29/07/2011.
Identifiers: BID-48898, CTX129430, n.runs-SA-2011.001, n.runs-SA-2011.002, VIGILANCE-VUL-10874.

Description of the vulnerability

The XML Service interface of XenApp/XenDesktop can be configured with Microsoft IIS, or can be directly reachable via ctxxmlss.exe (Citrix XML Service). Two vulnerabilities impact Citrix XML Service.

An attacker can use a password encoded as "ctx1" and longer than 256 characters, in order to create a buffer overflow in /scripts/wpnbr.dll. [severity:3/4; n.runs-SA-2011.001]

An attacker can use a long "/scripts/" url, in order to corrupt the memory. [severity:3/4; n.runs-SA-2011.002]

An attacker can therefore send a malicious query to Citrix XML Service, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin 10493

Citrix Presentation Server, XenApp: code execution via ActiveSync

Synthesis of the vulnerability

A network attacker can use the ActiveSync feature of Citrix Presentation Server and Citrix XenApp, in order to execute code.
Impacted products: Citrix Presentation Server, XenApp.
Severity: 3/4.
Consequences: user access/rights.
Provenance: intranet client.
Creation date: 24/03/2011.
Identifiers: BID-47016, CTX128366, VIGILANCE-VUL-10493.

Description of the vulnerability

The ActiveSync feature is used to synchronize data of a mobile/pda with data of an application such as Microsoft Outlook.

The Citrix Presentation Server and Citrix XenApp products enable the ActiveSync service, which listens on port 28875.

A network attacker can connect to the ActiveSync feature of Citrix Presentation Server and Citrix XenApp, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability 10390

Citrix XenApp, XenDesktop: code execution via XML Service

Synthesis of the vulnerability

An attacker can send a malicious query to the XML Service of XenApp and XenDesktop, in order to execute code.
Impacted products: Citrix Presentation Server, XenApp, XenDesktop.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights.
Provenance: intranet client.
Creation date: 23/02/2011.
Identifiers: BID-46511, CTX128169, VIGILANCE-VUL-10390.

Description of the vulnerability

The Citrix XML Service is installed with several Citrix products, in order to process XML data. It listens for example on the port 80/tcp.

An attacker can send a malicious query to the XML Service of XenApp and XenDesktop, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2009-2453

Citrix XenApp: incorrect policy

Synthesis of the vulnerability

The access policy of Citrix XenApp 4.5 Hotfix Rollup Pack 3 is not applied.
Impacted products: Citrix Presentation Server, XenApp.
Severity: 3/4.
Consequences: user access/rights.
Provenance: intranet client.
Creation date: 23/04/2009.
Identifiers: BID-34691, CTX118792, CVE-2009-2453, VIGILANCE-VUL-8666.

Description of the vulnerability

The Access Gateway filters of XenApp are used to define access policies.

However, the Access Gateway access policy is not applied on Citrix XenApp version 4.5 Hotfix Rollup Pack 3.

An attacker can therefore access to resources he should not have access to.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2008-6561

Citrix Presentation Server: information disclosure

Synthesis of the vulnerability

The client for Windows of Citrix Presentation Server keeps authentication data in memory.
Impacted products: Citrix Presentation Server, XenApp.
Severity: 1/4.
Consequences: user access/rights, data reading.
Provenance: user shell.
Creation date: 03/04/2009.
Identifiers: CTX116227, CVE-2008-6561, VIGILANCE-VUL-8598.

Description of the vulnerability

The Citrix Presentation Server Client for Windows product is used to connect to the server.

When the authentication phase is finished, authentication credentials are not needed anymore. However, they are kept in memory.

An attacker, who already has an access to the victim's computer, can therefore read the memory of the process in order to connect to another system.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.