Citrix Provisioning Services streamprocess.exe Stack Overflow
Added: 02/24/2011BID: 45914
OSVDB: 70597
Background
Citrix Provisioning Services dynamically provisions virtual servers to simplify and streamline server management, while reducing software rollout risk.Problem
Citrix Provisioning Service 5.6 and prior are vulnerable to a remotely exploitable stack-based buffer overflow. A remote attacker may exploit this vulnerability to gain access to the server.Resolution
Apply Service Pack 1 for Citrix Provisioning Services version 5.6.References
http://support.citrix.com/article/CTX127149http://www.zerodayinitiative.com/advisories/ZDI-11-023/
http://secunia.com/advisories/42954/
Limitations
Exploit works against Citrix Provisioning Service 5.6.Platforms
WindowsBack to exploit index