Citrix Program Neighborhood Agent Shortcut Arbitrary Command Execution

2005-04-26T06:35:13
ID OSVDB:15827
Type osvdb
Reporter Patrik Karlsson(patrik@cqure.net)
Modified 2005-04-26T06:35:13

Description

Vulnerability Description

Citrix Program Neighborhood Agent contains a flaw that may allow a remote attacker to execute arbitrary commands. This issue is due to a design error, that allows the creation of arbitrary shortcuts to the client user's Startup folder. It is possible for a remote attacker to place an arbitrary shortcut in the victim's Startup folder and execute arbitrary commands the next time the victim logs in, resulting in a loss of integrity.

Technical Description

To exploit this flaw, a victim must be configured to point to a malicious server.

Solution Description

Upgrade to version 9.0 (Program Neighborhood Agent for Win32), 8.33 (Presentation Server client for WinCE) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Citrix Program Neighborhood Agent contains a flaw that may allow a remote attacker to execute arbitrary commands. This issue is due to a design error, that allows the creation of arbitrary shortcuts to the client user's Startup folder. It is possible for a remote attacker to place an arbitrary shortcut in the victim's Startup folder and execute arbitrary commands the next time the victim logs in, resulting in a loss of integrity.

References:

Vendor URL: http://www.citrix.com/ Vendor Specific Advisory URL Security Tracker: 1013815 Security Tracker: 1013816 Secunia Advisory ID:15108 Related OSVDB ID: 15826 Other Advisory URL: http://www.idefense.com/application/poi/display?id=237&type=vulnerabilities Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0424.html ISS X-Force ID: 20268 CVE-2004-1077