IP Address Spoofing Vulnerability in Citrix Metaframe 1.8
CVE-2001-0908
Currently unrated
Summary
Citrix Metaframe 1.8 suffers from a vulnerability where it logs the client address (IP) provided by the client instead of extracting it from the packet headers. This flaw enables clients to impersonate their public IP addresses, potentially leveraging techniques like Network Address Translation (NAT) to disguise their true identity, leading to security risks such as unauthorized access and data breaches.
References
Timeline
Vulnerability Reserved
Vulnerability published