=====================================================================
                                   CERT-Renater

                        Information Note No. 2008/VULN395
_____________________________________________________________________

DATE                      : 30/09/2008

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows running Citrix Presentation Server.

======================================================================
http://support.citrix.com/article/CTX116310
______________________________________________________________________


Vulnerability in Citrix Presentation Server for Windows could result in
privilege escalation

Document ID: CTX116310   /   Created On: 29 Sept. 2008   /   Updated On:
29 Sept. 2008

Severity: Low


Description of Problem

A vulnerability has been identified in Citrix Presentation Server for
Windows that could result in an authenticated interactive user
escalating their privilege level.

In order to exploit this vulnerability a user would need sufficient
access rights to create a file in a specific location on the server’s
system drive. On Windows Server 2003-based systems, default file system
access control settings would prevent unprivileged users from doing
this.
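The advisory's mitigating factor is that default file system ACLs keep unprivileged users from creating a file in the relevant location on the system drive. The following PowerShell audit is an added example, not code from Citrix or CERT-Renater; since the advisory does not name the exact location, it assumes the system drive root and its top-level folders as the directories to inspect, and lists every ACE that lets a non-administrative principal create files there.

```powershell
# Added example (not part of the Citrix advisory or the CERT-Renater note).
# Reports ACEs that grant file-creation rights to principals other than the
# built-in administrative ones. The exact location named by the advisory is
# not public, so the system drive root and its top-level folders are an
# assumed starting point; pass -Paths to audit other directories.
param(
    [string[]]$Paths = @($env:SystemDrive + '\')
)

# CreateFiles (== WriteData) is the right that lets a principal place a new
# file in a directory; Modify and FullControl include it, so one mask suffices.
$createFiles = [System.Security.AccessControl.FileSystemRights]::CreateFiles

# Principals expected to hold write rights on the system drive by default.
$trusted = @('BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM', 'CREATOR OWNER')

function Get-UntrustedCreateAces {
    param([string]$Path)
    $acl = Get-Acl -Path $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($trusted -contains $ace.IdentityReference.Value) { continue }
        # ACEs expressed as generic rights show up as raw integers and are not
        # decoded here; review those manually if they appear in the listing.
        if (($ace.FileSystemRights -band $createFiles) -ne 0) {
            New-Object PSObject -Property @{
                Path      = $Path
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

$findings = @(
    foreach ($root in $Paths) {
        Get-UntrustedCreateAces -Path $root
        Get-ChildItem -Path $root -ErrorAction SilentlyContinue |
            Where-Object { $_.PSIsContainer } |
            ForEach-Object { Get-UntrustedCreateAces -Path $_.FullName }
    }
)

if ($findings.Count -eq 0) {
    Write-Output 'No non-administrative principal can create files in the audited directories.'
} else {
    $findings | Format-Table Path, Principal, Rights, Inherited -AutoSize
}
```

A non-empty listing means the default-ACL mitigation the advisory relies on has been weakened for that directory and the Hotfix Rollup Pack should be applied with priority.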


Affected Products

This vulnerability affects the following products:

      • Citrix XenApp (formerly Presentation Server) 4.5, including
        Feature Pack 1

      • Citrix Presentation Server 4.0

      • Citrix Access Essentials 2.0

      • Citrix Access Essentials 1.5

      • Citrix Access Essentials 1.0

Customers with older, unsupported versions of Presentation Server should
contact their Citrix Technical Support representative for further
guidance.


What Customers Should Do

This vulnerability has been addressed in existing Hotfix Rollup Packs.
Customers that have yet to install the latest Hotfix Rollup Packs into
their environment should review the following list and consider applying
the relevant updates:

Citrix Presentation Server 4.5 for Windows Server 2003 x64:

EN - http://support.citrix.com/article/CTX116294

FR - http://support.citrix.com/article/CTX116295

DE - http://support.citrix.com/article/CTX116296

JA - http://support.citrix.com/article/CTX116298

ES - http://support.citrix.com/article/CTX116299

Citrix Presentation Server 4.5 for Windows Server 2003:

EN - http://support.citrix.com/article/CTX116289

FR - http://support.citrix.com/article/CTX116290

DE - http://support.citrix.com/article/CTX116291

JA - http://support.citrix.com/article/CTX116292

ES - http://support.citrix.com/article/CTX116293

Citrix Presentation Server 4.0 for Windows 2000 Server:

EN - http://support.citrix.com/article/CTX116259

FR - http://support.citrix.com/article/CTX116260

DE - http://support.citrix.com/article/CTX116261

JA - http://support.citrix.com/article/CTX116263

ES - http://support.citrix.com/article/CTX116262

Citrix Presentation Server 4.0 for Windows Server 2003:

EN - http://support.citrix.com/article/CTX116264

FR - http://support.citrix.com/article/CTX116265

DE - http://support.citrix.com/article/CTX116266

JA - http://support.citrix.com/article/CTX116268

ES - http://support.citrix.com/article/CTX116267

Citrix Access Essentials 2.0:

EN - http://support.citrix.com/article/CTX116289

FR - http://support.citrix.com/article/CTX116290

DE - http://support.citrix.com/article/CTX116291

JA - http://support.citrix.com/article/CTX116292

ES - http://support.citrix.com/article/CTX116293

Citrix Access Essentials 1.5:

EN - http://support.citrix.com/article/CTX116264

FR - http://support.citrix.com/article/CTX116265

DE - http://support.citrix.com/article/CTX116266

JA - http://support.citrix.com/article/CTX116268

ES - http://support.citrix.com/article/CTX116267

Citrix Access Essentials 1.0:

EN - http://support.citrix.com/article/CTX116264

FR - http://support.citrix.com/article/CTX116265

DE - http://support.citrix.com/article/CTX116266

JA - http://support.citrix.com/article/CTX116268

ES - http://support.citrix.com/article/CTX116267


What Citrix Is Doing

Citrix is notifying customers and channel partners about this potential
security issue. This article is also available from the Citrix Knowledge
Base at http://support.citrix.com/.

Obtaining Support on this Issue

If you require technical assistance with this issue, please contact
Citrix Technical Support. Information for contacting Citrix Technical
Support is available at
http://www.citrix.com/English/ss/supportContacts.asp.


Reporting Security Vulnerabilities to Citrix

Citrix welcomes input regarding the security of its products and
considers any and all potential vulnerabilities seriously. If you would
like to report a security issue to Citrix, please compose an e-mail to
secure@citrix.com containing the exact version of the product in which
the vulnerability was found and the steps needed to reproduce the
vulnerability.

This document applies to:

    * Presentation Server 4.0 for Microsoft Windows 2000
    * Feature Pack 1 for Presentation Server 4.5
    * Access Essentials 1.5
    * Presentation Server 4.5 for Windows Server 2003
    * Presentation Server 4.0 for Microsoft Windows 2003
    * Access Essentials 2.0
    * Presentation Server 4.5 for Windows Server 2003 x64 Edition
    * Access Essentials 1.0



======================================================================

          =========================================================
          CERT-Renater reference servers
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================
