Lucene search

[email protected]CVE-2005-3134

HistoryOct 04, 2005 - 10:02 p.m.

CVE-2005-3134

2005-10-0422:02:00

[email protected]

web.nvd.nist.gov

citrix

metaframe presentation server

policy restriction

bypass

cve-2005-3134

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.0%

JSON

Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName).

Affected configurations

NVD

Node

citrixmetaframeMatch3.0

citrixmetaframeMatch4.0

CPENameOperatorVersion
citrix:metaframecitrix metaframeeq3.0
citrix:metaframecitrix metaframeeq4.0

CPE	Name	Operator	Version
citrix:metaframe	citrix metaframe	eq	3.0
citrix:metaframe	citrix metaframe	eq	4.0

References

marc.info/?l=bugtraq&m=112811189420696&w=2

secunia.com/advisories/17032/

securityreason.com/securityalert/39

securitytracker.com/id?1014994

support.citrix.com/kb/entry%21default.jspa?categoryID=275&externalID=CTX107705

www.grupoitpro.com.ar/ctxpoliciesbypass.txt

www.securityfocus.com/bid/14989

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.0%

JSON

Related for CVE-2005-3134

cvelist1 nvd1