Signature Detail
Short Name |
APP:CITRIX:AGENT-OF-2 |
|---|---|
Severity |
High |
Recommended |
No |
Category |
APP |
Keywords |
Citrix Program Neighborhood Agent Buffer Overflow 2 |
Release Date |
2006/03/06 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Citrix Program Neighborhood Agent Buffer Overflow 2
This signature detects attempts to exploit a known vulnerability in the Citrix Program Neighborhood Agent. A successful attack can lead to arbitrary remote code execution.
Extended Description
The Citrix Program Neighborhood is prone to a stack-based overflow. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer. This issue allows remote attackers to execute arbitrary machine code in the context of vulnerable client applications. In order to exploit this issue, affected clients must connect to a malicious server. Attacks against the DNS infrastructure used by clients, social engineering, or other methods may be employed to achieve this. Alternatively, attackers must have access to a computer in the same LAN as targeted clients. Versions 9.1 and prior of the Citrix Program Neighborhood client are vulnerable to this issue.
Affected Products
- Citrix ICA Program Neighborhood Client 9.0.0
- Citrix ICA Program Neighborhood Client 9.1.0
References
- BugTraq: 15907
- CVE: CVE-2005-3652
- URL: http://support.citrix.com/kb/entry.jspa?externalID=CTX108354