In association with heise online

24 May 2007, 11:44

Vulnerability in Citrix Presentation Server enables network security policy bypass

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The Session Reliability Service included in several Citrix products can allow attackers to connect to arbitrary ports on the server and thereby bypass security policies on devices such as firewalls, to access services that are otherwise secure. For this to occur, crafted inquiries must be sent to the service.

The company gives no further details about the vulnerability in its security report. Citrix provides hotfixes for the affected products: MetaFrame Presentation Server; Presentation Server and Access Essentials; which eliminate the vulnerabilites. These are accessible via link for the corresponding products in the company's security report. Administrators should quickly apply them to affected installations.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit