A weakness has been reported in Citrix Presentation Server, which potentially can be exploited by malicious people to compromise a vulnerable system.
The problem is that published applications and potentially other applications can be launched when invoking an ICA connection to a Citrix Presentation Server. This can be exploited to e.g. launch published applications with specially crafted parameters on a Citrix Presentation Server when a user is tricked into visiting a malicious website or opening a malicious .ICA file.
Successful exploitation requires that the target user is authorized to execute the published application and that the Citrix Presentation Server is configured e.g. to allow parameters to be passed to published applications.
The weakness affects the following products:
* Access Essentials 1.0
* Citrix Access Essentials 1.5
* Citrix Access Essentials 2.0
* Citrix MetaFrame Presentation Server 3.0 for Microsoft Windows 2000
* Citrix MetaFrame Presentation Server 3.0 for Microsoft Windows 2003
* Citrix Presentation Server 4.0 for Microsoft Windows 2000
* Citrix Presentation Server 4.0 for Microsoft Windows 2003
* Citrix Presentation Server 4.0 x64 Edition
* Citrix Presentation Server 4.5 for Windows Server 2003
* Citrix Presentation Server 4.5 for Windows Server 2003 Feature Pack 1
* Citrix Presentation Server 4.5 for Windows Server 2003 x64 Edition
Solution: Apply Hotfix Rollup Pack 2 (see vendor's advisory for details).
Provided and/or discovered by: .ICA files launching published applications via the "InitialProgram" key originally reported by wirepair and recently discussed by pdp.
Original Advisory: CTX115245:
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Citrix Presentation Server Published Application Execution Weakness
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.