Vulnerability CVE-2006-5861


Published: 2006-11-10   Modified: 2012-02-12

Description:
The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the service to access an unmapped memory address and triggers an unhandled exception.

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Citrix -> Metaframe 
Citrix -> Metaframe presentation server 

 References:
http://support.citrix.com/article/CTX111186
http://www.vupen.com/english/advisories/2006/4429
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=441
http://www.securityfocus.com/bid/20986
http://securitytracker.com/id?1017205
http://secunia.com/advisories/22802

Copyright 2022, cxsecurity.com

 

Back to Top