CVE-2008-0356
Citrix Metaframe Presentation Server IMA Service Heap Overflow Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513.
Desbordamiento de búfer en el servicio Independent Management Architecture (IMA) de Citrix Presentation Server (MetaFrame Presentation Server) 4.5 y versiones anteriores, Access Essentials 2.0 y versiones anteriores, y Desktop Server 1.0 permite a atacantes remotos ejecutar código de su elección mediante un valor de tamaño inválido en un paquete al puerto TCP 2512 ó 2513.
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Citrix Presentation Server. Authentication is not required to exploit this vulnerability.
The specific flaw resides in the Independent Management Architecture service, ImaSrv.exe, which listens by default on TCP port 2512 or 2513. The process trusts a user-suppled value as a parameter to a memory allocation. By supplying a specific value, an undersized heap buffer may be allocated. Subsequently, an attacker can then overflow that heap buffer by sending an overly large packet leading to arbitrary code execution in the context of the SYSTEM user.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-01-17 CVE Published
- 2008-01-18 CVE Reserved
- 2024-08-07 CVE Updated
- 2024-09-06 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.kb.cert.org/vuls/id/412228 | Third Party Advisory |
|
| http://www.securityfocus.com/archive/1/486585/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/27329 | Vdb Entry | |
| http://www.securitytracker.com/id?1019231 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2008/0172 | Vdb Entry | |
| http://zerodayinitiative.com/advisories/ZDI-08-002.html | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://support.citrix.com/article/CTX114487 | 2018-10-15 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/28508 | 2018-10-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Citrix Search vendor "Citrix" | Access Essentials Search vendor "Citrix" for product "Access Essentials" | <= 2.0 Search vendor "Citrix" for product "Access Essentials" and version " <= 2.0" | - |
Affected
| ||||||
| Citrix Search vendor "Citrix" | Desktop Server Search vendor "Citrix" for product "Desktop Server" | 1.0 Search vendor "Citrix" for product "Desktop Server" and version "1.0" | - |
Affected
| ||||||
| Citrix Search vendor "Citrix" | Metaframe Presentation Server Search vendor "Citrix" for product "Metaframe Presentation Server" | <= 4.5 Search vendor "Citrix" for product "Metaframe Presentation Server" and version " <= 4.5" | - |
Affected
| ||||||
| Citrix Search vendor "Citrix" | Presentation Server Search vendor "Citrix" for product "Presentation Server" | * | - |
Affected
| ||||||