APP: Citrix Program Neighborhood Agent Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Citrix Program Neighborhood Agent. Attackers can configure a server to provide a host with a malicious XML configuration file, which can overflow a buffer and enable attackers to gain control of the host.
Extended Description
Citrix Program Neighborhood Agent is prone to a buffer overflow. Successful exploitation of this vulnerability could allow arbitrary code execution in the context of the application. This issue was reported to affect Program Neighborhood Agent for Win32 and Citrix Metaframe Presentation Server client for WinCE.
Affected Products
Citrix metaframe_presentation_server_client_for_wince
Short Name
APP:CITRIX:AGENT-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Agent Buffer CVE-2004-1077 CVE-2004-1078 Citrix Neighborhood Overflow Program bid:13373 bid:13379
Release Date
05/12/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Citrix
CVSS Score
7.5
5.0