Citrix Provisioning Services Opcode 40020006 Integer Underflow

Added: 01/20/2012
BID: 49803

Background

Citrix Provisioning Services dynamically provisions virtual servers to simplify and streamline server management, while reducing software rollout risk.

Problem

Citrix Provisioning Services 5.6 SP1 and prior are vulnerable to a remotely exploitable integer underflow that can lead to a stack overflow. A remote attacker may exploit this vulnerability to execute arbitrary code on the target machine with the privileges of the server process, which runs as SYSTEM.

Resolution

Apply patches as described in Citrix Knowledge Base Document CTX130846.

References

http://www.zerodayinitiative.com/advisories/ZDI-12-010/
http://www.securityfocus.com/archive/1/521193

Limitations

This exploit has been tested against Citrix Systems Provisioning Services 5.6 SP1 on Windows Server 2003 SP2 English (DEP OptOut).

Platforms

Windows
