Insecure ACL Vulnerability in Citrix MetaFrame Allowing Privilege Escalation
CVE-2006-3779

Currently unrated

Key Information:

Vendor: Citrix
Status: Metaframe; Presentation Server; Metaframe Presentation Server
Vendor: CVE Published:; 24 July 2006

What is CVE-2006-3779?

An insecure ACL vulnerability exists in Citrix MetaFrame up to XP 1.0 Feature 1, except when deployed on Windows Server 2003. This flaw allows remote authenticated users to exploit the misconfigured registry key settings, potentially escalating their privileges within the system. Organizations using the affected versions should apply appropriate security patches and ensure access control measures are effectively implemented.

References

http://support.citrix.com/article/CTX110492

x_refsource_CONFIRM

http://secunia.com/advisories/21076

third-party-advisoryx_refsource_SECUNIA

http://securitytracker.com/id?1016526

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 24, 2006
Vulnerability Reserved
Jul 21, 2006