Ads Citrix Metaframe Presentation Server Policies Bypassing Saturday, 08 October 2005 Summary Citrix Presentation Server - "is the world s most widely deployed presentation server for centrally deploying and managing applications, especially in a heterogeneous environment, and delivering their functionality as a service to workers, wherever they may be." A vulnerability in Presentation Server allows a user bypass Citrix policies that have been applied to client name. Credit: The information has been provided by Gustavo Gurmandi. The original article can be found at: http://www.grupoitpro.com.ar/ctxpoliciesbypass.txt Details Vulnerable Systems: * Citrix Metaframe Presentation Server versions 3.0 and 4.0 Citrix Presentation Server policy is used for administrators to restrict the user environment and these allow applying to: IP client, servers, Users, o Client Name. When user used the Web Interface to access to application in Citrix environment the CLIENT NAME used is WI_*, where (*) is a random value like asdfserw34vc342dk this extension allow administrators to use Citrix policy based in client name "WI_*" This policy can be used to restrict "printing Mapping, Disk Mapping, Control bandwidth, manage printer driver environment so..." When user uses the application in Web interface, he download and execute automatic file "launch.ica". If the user "save as" launch.ica in his PC, and edit with notepad. He can change the value in ClientName that another "WI_" and execute. When user connects to Citrix with ica file modified to Presentation Server, the value in clientname is different to the original one and bypasses the Citrix policies. Proof of concept: Here is an example extracted from launch.ica: [Encoding] InputEncoding=ISO8859_1 [WFClient] Version=2 ClientName=WI_XXXX -> change this extension with other name to bypass the citrix policies TransportReconnectEnabled=On RemoveICAFile=yes ProxyType=None ProxyTimeout=30000 Vendor Status: http://support.citrix.com/kb/entry!default.jspa?categoryID=275&externalID=CTX107705   < Prev   Next > [ Back ]

Main Menu SpamAlerts | Windows | Linux | Tutorials | Excell | WhitePapers | News | Spam | Virus Windows Focus VNews Vulnerability Hacking Sql Injection map Downloads Affiliates Online Store Free Ringtones Seo Directory IWebListin Jobs in India Freshers Jobs listings. Winkeyfinder

Copyright 2005-2007 SpamAlertz.com, Content on this site is From variuos other emails, and Advisories.