Vulnerability in Citrix Presentation Server enables network security policy bypass
The Session Reliability Service included in several Citrix products can allow attackers to connect to arbitrary ports on the server and thereby bypass security policies on devices such as firewalls, to access services that are otherwise secure. For this to occur, crafted inquiries must be sent to the service.
The company gives no further details about the vulnerability in its security report. Citrix provides hotfixes for the affected products: MetaFrame Presentation Server; Presentation Server and Access Essentials; which eliminate the vulnerabilites. These are accessible via link for the corresponding products in the company's security report. Administrators should quickly apply them to affected installations.
- Vulnerability in Citrix Presentation Server's Session Reliability service could result in network security policy bypass, security report from Citrix