Policy Bypass Vulnerability in Citrix Metaframe Presentation Server
CVE-2005-3134

Currently unrated

Key Information:

Vendor: Citrix
Status: Metaframe
Vendor: CVE Published:; 4 October 2005

Summary

The Citrix Metaframe Presentation Server versions 3.0 and 4.0 are impacted by a vulnerability that allows remote attackers to bypass policy restrictions. By manipulating the launch.ica file and altering the client device name (ClientName), an unauthorized user may gain access to system policies they should not have the ability to alter or bypass. This vulnerability highlights the importance of ensuring proper configurations and monitoring of server policies.

References

http://support.citrix.com/kb/entry%21default.jspa?categor...

x_refsource_CONFIRM

http://securitytracker.com/id?1014994

vdb-entryx_refsource_SECTRACK

http://marc.info/?l=bugtraq&m=112811189420696&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Oct 4, 2005
Vulnerability Reserved
Oct 4, 2005