Signature Detail
Short Name |
APP:CITRIX:META-IMA-AUTH |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Citrix MetaFrame IMA Authentication Processing Buffer Overflow |
Release Date |
2010/09/15 |
Update Number |
1774 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Citrix MetaFrame IMA Authentication Processing Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Citrix MetaFrame IMA. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Citrix Presentation Server's IMA service is prone to multiple remote vulnerabilities. These issues include a buffer-overflow vulnerability and a denial-of-service vulnerability. These issue may allow an attacker to execute arbitrary code on the affected computer or to cause denial-of-service conditions.
Affected Products
- Citrix MetaFrame XP
- Citrix MetaFrame XPa
- Citrix MetaFrame XPe
- Citrix MetaFrame XPs
- Citrix MetaFrame XP SP1
- Citrix MetaFrame XP SP2
- Citrix MetaFrame Presentation Server 3.0.0
- Citrix MetaFrame Presentation Server 4.0.0
- Citrix MetaFrame XP for Microsoft Windows 2000 1.0.0
- Citrix MetaFrame XP for Microsoft Windows 2003 1.0.0
- Citrix MetaFrame XP for MS NT 4.0 Server Terminal Server 1.0.0
- Citrix MetaFrame XP Presentation Server for Windows 1.0.0
- Citrix Presentation Server 4.0
References
- BugTraq: 20986
- CVE: CVE-2006-5821
- CVE: CVE-2006-5861