APP: Citrix Program Neighborhood Agent Buffer Overflow 2

This signature detects attempts to exploit a known vulnerability in the Citrix Program Neighborhood Agent. A successful attack can lead to arbitrary remote code execution.

Extended Description

The Citrix Program Neighborhood is prone to a stack-based overflow. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer. This issue allows remote attackers to execute arbitrary machine code in the context of vulnerable client applications. In order to exploit this issue, affected clients must connect to a malicious server. Attacks against the DNS infrastructure used by clients, social engineering, or other methods may be employed to achieve this. Alternatively, attackers must have access to a computer in the same LAN as targeted clients. Versions 9.1 and prior of the Citrix Program Neighborhood client are vulnerable to this issue.

Affected Products

Citrix ica_program_neighborhood_client

Short Name
APP:CITRIX:AGENT-OF-2
Severity
Major
Recommended
False
Recommended Action
None
Category
APP
Keywords
2 Agent Buffer CVE-2005-3652 Citrix Neighborhood Overflow Program bid:15907
Release Date
03/06/2006
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
Port
UDP/1050
False Positive
Unknown
Vendors

Citrix

CVSS Score

7.5

Found a potential security threat?