Citrix Provisioning Services streamprocess.exe 0x40020000 Opcode Integer Underflow

Added: 07/30/2012
BID: 49803
OSVDB: 75780

Background

Citrix Provisioning Services dynamically provisions virtual servers to simplify and streamline server management, while reducing software rollout risk.

Problem

Citrix Provisioning Services up to and including version 5.6 Service Pack 1 are vulnerable to remote code execution as a result of an integer underflow. An attacker could exploit this vulnerability by sending a specially crafted packet to the Provisioning Services server on UDP port 6905.

Resolution

Apply the appropriate hotfix as described in Citrix Knowledge Base Document CTX130846.

References

http://www.zerodayinitiative.com/advisories/ZDI-12-009/

Limitations

This exploit has been tested against Citrix Systems Provisioning Services 5.6 SP1 on Microsoft Windows Server 2003 SP2 English (DEP OptOut).

Platforms

Windows

Back to exploit index