IP Address Spoofing Vulnerability in Citrix Metaframe 1.8
CVE-2001-0908

Currently unrated

Key Information:

Vendor: Citrix
Status: Metaframe
Vendor: CVE Published:; 21 November 2001

Summary

Citrix Metaframe 1.8 suffers from a vulnerability where it logs the client address (IP) provided by the client instead of extracting it from the packet headers. This flaw enables clients to impersonate their public IP addresses, potentially leveraging techniques like Network Address Translation (NAT) to disguise their true identity, leading to security risks such as unauthorized access and data breaches.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/7538

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=100638693315933&w=2

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/3566

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Jan 31, 2002
Vulnerability published
Nov 21, 2001