Citrix Program Neighborhood name buffer overflow

Added: 02/01/2006
CVE: CVE-2005-3652
BID: 15907
OSVDB: 21816

Background

Citrix Presentation Server, formerly Citrix MetaFrame, allows applications to be deployed across a network to various client platforms, including Windows, Unix, Macintosh, DOS, and OS/2. The Program Neighborhood Agent running on the client is the interface to the application.

Problem

A buffer overflow occurs when the Citrix Program Neighborhood client processes Application Set responses containing a long name value.

Resolution

Upgrade to the fixed version referenced in Citrix document CTX108354.

References

http://www.idefense.com/intelligence/vulnerabilities/display.php?id=357

Limitations

Exploit requires user to start the Citrix Neighorhood Client, choose "Add ICA connection", select "TCP/IP" as the protocol, and click on the pull-down menu for applications names. Exploit works on Citrix Neighborhood client 9.0.

Platforms

Windows 2000
Windows XP

Back to exploit index