Citrix Presentation and MetaFrame Server Cpprov.DLL Stack Buffer Overflow Vulnerability
BID:22217
Info
| Bugtraq ID: | 22217 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-0444 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 24 2007 12:00AM |
| Updated: | Jan 29 2007 11:30PM |
| Credit: | The vendor credits an anonymous researcher for the discovery of this vulnerability. |
| Vulnerable: | Citrix Presentation Server 4.0; Citrix MetaFrame XP 1.0; Citrix MetaFrame Presentation Server 3.0 |
| Not Vulnerable: | |
Discussion
Citrix Presentation and MetaFrame Server are prone to a stack-based buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
An attacker can exploit this issue to execute arbitrary code with the privileges of the 'LocalSystem' account.
Exploit / POC
Attackers may leverage this issue by submitting a malicious document to the application's print provider service.
The following exploit is available to Immunity Partners:
https://www.immunityinc.com/downloads/immpartners/citrix_pp.tar
The following proof of concept and exploit code are available:
Solution / Fix
Solution:
The vendor released fixes to address this issue; please see the references for more information.
References
References:
- Citrix Homepage (Citrix)
- Citrix Presentation Server Home Page (Citrix)
- ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow ([email protected])
- Vulnerability in Citrix Presentation Server's print provider could result in ar (Citrix)
- ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow (ZDI)