Vigil@nce: Citrix Presentation Server, information disclosure
April 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
The client for Windows of Citrix Presentation Server keeps
authentication data in memory.
Severity: 1/4
Consequences: user access/rights, data reading
Provenance: user shell
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 03/04/2009
IMPACTED PRODUCTS
– Citrix XenApp
DESCRIPTION OF THE VULNERABILITY
The Citrix Presentation Server Client for Windows product is used
to connect to the server.
When the authentication phase is finished, authentication
credentials are not needed anymore. However, they are kept in
memory.
An attacker, who already has an access to the victim’s computer,
can therefore read the memory of the process in order to connect
to another system.
CHARACTERISTICS
Identifiers: CTX116227, CVE-2008-6561, VIGILANCE-VUL-8598
http://vigilance.fr/vulnerability/Citrix-Presentation-Server-information-disclosure-8598