=====================================================================
                                    CERT-Renater

                         Information Note No. 2009/VULN141
_____________________________________________________________________

DATE                      : 09/04/2009

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows running Citrix Presentation Server
                                 Client.

======================================================================
http://support.citrix.com/article/CTX116227
______________________________________________________________________

Credential Handling Weakness in Presentation Server Client for Windows

Document ID: CTX116227 Created On: Mar 10, 2008 / Updated On: Mar 10, 2008

Severity: Low

Description of Problem

Under some circumstances, the Citrix Presentation Server Client for
Windows may leave residual credential information in the client process
memory.

This issue is present in all versions of the Citrix Presentation Server
Client for Windows prior to version 10.200.

Mitigating Factors

In order to exploit this weakness, an attacker would need to read the
client process memory; under normal circumstances this would not be
possible unless the client host had already been compromised.

What Customers Should Do

In most deployments, this weakness does not present a significant
security risk. However, customers that are concerned about this may wish 
to consider upgrading to the latest version of the Presentation Server
Client for Windows.

This client package can be obtained from the following locations:

Citrix Presentation Server Client Package Windows

EN - http://support.citrix.com/article/CTX116550
FR - http://support.citrix.com/article/CTX116552
GE - http://support.citrix.com/article/CTX116551
JA - http://support.citrix.com/article/CTX116554
ES - http://support.citrix.com/article/CTX116553

Acknowledgements

Citrix thanks Olivier Revenu of EdelWeb (http://www.edelweb.fr) for
working with us to protect Citrix customers.

What Citrix Is Doing

Citrix is notifying customers and channel partners about this potential
security issue. This article is also available from the Citrix Knowledge
Base at http://support.citrix.com/.

Obtaining Support on this Issue

If you require technical assistance with this issue, please contact
Citrix Technical Support. Information for contacting Citrix Technical 
Support is available at http://support.citrix.com/.

Reporting Security Vulnerabilities to Citrix

Citrix welcomes input regarding the security of its products and
considers any and all potential vulnerabilities very seriously. If you
would like to report a security issue to Citrix, please compose an
e-mail to secure@citrix.com containing the exact version of the product
in which the vulnerability was found and the steps needed to reproduce
the vulnerability.


This document applies to:

     * XenApp Plug-in for Windows (32/64 Bit)


======================================================================

           =========================================================
           CERT-Renater reference servers
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================

