CVSS: 5.0EPSS: 48%CPEs: 4EXPL: 0CVE-2006-5861
https://notcve.org/view.php?id=CVE-2006-5861
The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the service to access an unmapped memory address and triggers an unhandled exception. El servicio (ImaSrv.exe) del Independent Management Architecture (IMA) en el Citrix MetaFrame XP 1.0 y 2.0, and Presentation Server 3.0 y 4.0, permite a atacantes remotos provocar una denegación de servicio (salida del servicio) mediante un paquete manipulado que provoca que el servicio acceda a una dirección de memoria sin mapear y dispare una excepción inmanejable. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=441 http://secunia.com/advisories/22802 http://securitytracker.com/id?1017205 http://support.citrix.com/article/CTX111186 http://www.securityfocus.com/bid/20986 http://www.vupen.com/english/advisories/2006/4429 https://exchange.xforce.ibmcloud.com/vulnerabilities/30156 •
CVSS: 7.5EPSS: 36%CPEs: 5EXPL: 0CVE-2006-5821 – Citrix MetaFrame IMA Management Module Remote Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-5821
Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption. Desbordamiento del búfer basado en montón en la función IMA_SECURE_DecryptData1 en la ImaSystem.dll para el Citrix MetaFrame XP 1.0 y 2.0, y Presentation Server 3.0 y 4.0, permite a atacantes remotos ejecutar código de su elección mediante una petición en el Independent Management Architecture (IMA) al servicio (ImaSrv.exe) con tamaños de valores no válidos que disparen el desbordamiento durante la desencriptación. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Citrix MetaFrame Presentation Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the routine IMA_SECURE_DecryptData1() defined in ImaSystem.dll and is reachable through the Independant Management Architecture (IMA) service (ImaSrv.exe) that listens on TCP port 2512 or 2513. The encryption scheme used is reversible and relies on several 32-bit fields indicating the size of the packet and the offsets to the authentication strings. • http://secunia.com/advisories/22802 http://securitytracker.com/id?1017205 http://support.citrix.com/article/CTX111186 http://www.securityfocus.com/archive/1/451337/100/100/threaded http://www.securityfocus.com/bid/20986 http://www.vupen.com/english/advisories/2006/4429 http://www.zerodayinitiative.com/advisories/ZDI-06-038.html https://exchange.xforce.ibmcloud.com/vulnerabilities/30148 •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2005-3971
https://notcve.org/view.php?id=CVE-2005-3971
Cross-site scripting (XSS) vulnerability in the login form in Citrix MetaFrame Secure Access Manager 2.0 through 2.2 and NFuse Elite 1.0 allows remote attackers to inject arbitrary web script or HTML via the username field. • http://secunia.com/advisories/17819 http://securitytracker.com/id?1015304 http://securitytracker.com/id?1015305 http://support.citrix.com/article/CTX108208 http://www.securityfocus.com/bid/15664 http://www.vupen.com/english/advisories/2005/2676 https://exchange.xforce.ibmcloud.com/vulnerabilities/23396 •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2004-1902
https://notcve.org/view.php?id=CVE-2004-1902
The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords entered immediately after executing the First Time User Wizards, which allows local users to gain sensitive information. • http://marc.info/?l=bugtraq&m=108127948610311&w=2 http://secunia.com/advisories/11293 http://securitytracker.com/id?1009659 http://support.citrix.com/kb/entry.jspa?entryID=4062&categoryID=256 http://www.osvdb.org/4942 http://www.securityfocus.com/bid/10049 https://exchange.xforce.ibmcloud.com/vulnerabilities/15737 •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2002-2426
https://notcve.org/view.php?id=CVE-2002-2426
Cross-site request forgery (CSRF) vulnerability in Citrix Presentation Server 4.0 and 4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0 through 2.0 allows remote attackers to execute arbitrary published applications, and possibly other programs, as authenticated users via the InitialProgram key in an ICA connection. NOTE: some of these details are obtained from third party information. • http://packetstormsecurity.org/0210-exploits/hackingcitrix.txt http://secunia.com/advisories/27633 http://support.citrix.com/article/CTX115245 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor http://www.securityfocus.com/bid/26451 http://www.securitytracker.com/id?1018962 http://www.vupen.com/english/advisories/2007/3870 • CWE-352: Cross-Site Request Forgery (CSRF) •