==================================================================== CERT-Renater Note d'Information No. 2017/VULN017 _____________________________________________________________________ DATE : 18/01/2017 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Citrix Provisioning Services versions prior to 7.12. ===================================================================== https://support.citrix.com/article/CTX219580 ____________________________________________________________________ CTX219580 Citrix Provisioning Services Multiple Security Updates Security Bulletin | High | Created: 17 Jan 2017 | Modified: 17 Jan 2017 Applicable Products Provisioning Services Provisioning Services 7.6 Provisioning Services 7.11 Provisioning Services 7.7 Provisioning Services 7.8 Provisioning Services 7.9 Provisioning Services 7.1 Provisioning Services 7.0 Description of Problem A number of security vulnerabilities have been identified in Citrix Provisioning Services components that, if exploited, could potentially allow an attacker to execute arbitrary, privileged, code on the Provisioning Services target devices. Some of these issues could be exploited by an attacker with network access to the Provisioning Services target devices. These vulnerabilities have been assigned the following CVE numbers: CVE-2016-9676: Buffer overwrite vulnerability in Citrix Provisioning Services before version 7.12 could result in arbitrary code execution. CVE-2016-9678: “Use after free” vulnerability in Citrix Provisioning Services before version 7.12 could result in arbitrary code execution. CVE-2016-9679: Function pointer overwrite vulnerability in Citrix Provisioning Services before version 7.12 could result in arbitrary code execution. CVE-2016-9680: Vulnerability in Citrix Provisioning Services before version 7.12 could result in disclosure of kernel memory. CVE-2016-9677: Kernel address information leakage vulnerability in Citrix Provisioning Services before version 7.12. These vulnerabilities affect the target device component released as part of Citrix Provisioning Services up to and including version 7.11. Mitigating Factors In typical deployments, Citrix Provisioning Services target devices are not routable from the Internet. What Customers Should Do These vulnerabilities have been addressed in Citrix Provisioning Services version 7.12 and later. Citrix strongly recommends that customers upgrade to this version immediately. This new version can be found at the following location: https://www.citrix.com/downloads/provisioning-services.html Customers using the Provisioning Services LTSR, version 7.6, should apply a cumulative update to address these vulnerabilities. This update, 7.6.4, can be found at the following location: https://www.citrix.com/downloads/provisioning-services.html Acknowledgements Citrix thanks Fabien Perigaud of Airbus Defence and Space CyberSecurity (https://www.cybersecurity-airbusds.com/) for working with us to protect Citrix customers What Citrix Is Doing Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at http://support.citrix.com/. Obtaining Support on This Issue If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at https://www.citrix.com/support/open-a-support-case.html. Reporting Security Vulnerabilities Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 – Reporting Security Issues to Citrix Changelog Date Change 17th January 2017 Initial publishing ========================================================== Serveur de référence du CERT-Renater https://services.renater.fr/ssi/ ========================================================== + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: cert@support.renater.fr + ==========================================================