Lucene search

MitreCVE-2005-3134

HistoryOct 04, 2005 - 10:02 p.m.

CVE-2005-3134

2005-10-0422:02:00

mitre

web.nvd.nist.gov

citrix

metaframe presentation server

policy restriction

bypass

cve-2005-3134

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.1

Confidence

Low

EPSS

0.004

Percentile

72.3%

JSON

Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName).

Affected configurations

Nvd

Node

citrixmetaframeMatch3.0

citrixmetaframeMatch4.0

VendorProductVersionCPE
citrixmetaframe3.0cpe:2.3:a:citrix:metaframe:3.0:*:*:*:*:*:*:*
citrixmetaframe4.0cpe:2.3:a:citrix:metaframe:4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
citrix	metaframe	3.0	cpe:2.3:a:citrix:metaframe:3.0:::::::*
citrix	metaframe	4.0	cpe:2.3:a:citrix:metaframe:4.0:::::::*

References

marc.info/?l=bugtraq&m=112811189420696&w=2

secunia.com/advisories/17032/

securityreason.com/securityalert/39

securitytracker.com/id?1014994

support.citrix.com/kb/entry%21default.jspa?categoryID=275&externalID=CTX107705

www.grupoitpro.com.ar/ctxpoliciesbypass.txt

www.securityfocus.com/bid/14989

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.1

Confidence

Low

EPSS

0.004

Percentile

72.3%

JSON

Related for CVE-2005-3134