Haha that's a good marketing strategy.... A few days after releasing the new version you send out something like this..... Like M$ sending out a bug release with the only fix to upgrade from w2k to w2k3.... Way to go Citrix......love it.

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of George Yobst
Sent: Friday, 30 April 2004 19:05
To: thin@xxxxxxxxxxxxx
Subject: [THIN] [Fwd: *Sintelli Alert* SID-2004-1023 (Risk 7.6): Citrix MetaFrame ICA Connection Client Drive Access Vulnerability]

FYI - Severity:Low
-George

-------- Original Message --------
Subject: *Sintelli Alert* SID-2004-1023 (Risk 7.6): Citrix MetaFrame ICA Connection Client Drive Access Vulnerability
Date: Fri, 30 Apr 2004 09:08:21 +0580
From: Sintelli Alert! <support@xxxxxxxxxxxx>
Reply-To: Sintelli Alert! <support@xxxxxxxxxxxx>
To: sintraq@xxxxxxxxxxxx

Citrix MetaFrame ICA Connection Client Drive Access Vulnerability

SINTELLI ID: SID-2004-1023
CERT ID: NOT AVAILABLE
NESSUS ID: NOT AVAILABLE
BUGTRAQ ID: NOT AVAILABLE
CVE ID: NOT AVAILABLE
PUBLISHED DATE: 28-APR-04
UPDATED DATE: 30-APR-04
REMOTE ATTACK: YES
LOCAL ATTACK: NO
AUTHENTICATION: Authentication Required
OPPORTUNITY: Always
CLASS: Access Validation Error
VERIFICATION: Vendor Confirmed
THREAT: 6.33
IMPACT: 6.33
RISK: 7.6
FIX BEFORE: 13-MAY-04

SYSTEMS AFFECTED
Citrix METAFRAME XP 1.0 for Windows 2000 Server
Citrix METAFRAME XP 1.0 for Windows Server 2003
Citrix METAFRAME XP 1.0 for Windows Terminal Server
Citrix MetaFrame 1.8 for Windows 2000
Citrix MetaFrame 1.8 for Windows Terminal Server

VULNERABILITY SUMMARY
Citrix has reported that Citrix MetaFrame XP Server versions prior to 3.0 could allow unauthorized access to a user's client drive. By creating a specially-crafted program and using the victim's ICA connection, an attacker can gain unauthorized access to the vulnerable client drive.

POTENTIAL IMPACT
Unauthorised access.

DESCRIPTION
Citrix MetaFrame is a remote desktop application that works with the Windows Terminal Services to provide application server capabilities. A vulnerability in MetaFrame allows access to another user's client drives.

ATTACK VECTORS
A remote authenticated administrator can use a specially-crafted program and access another user's client drives via that user's ICA connection.

VULNERABILITY SOLUTION
Citrix has released an advisory Document ID: CTX103763 for this issue. Upgrade to the latest version of Citrix MetaFrame XP Server 3.0 or later. Download URLs are given in the advisory. See References.

FIXES
http://support.citrix.com/kb/entry.jspa?entryID=4289&categoryID=118 <http://support.citrix.com/kb/entry.jspa?entryID=4289&categoryID=118>

ACKNOWLEDGEMENT
Announced by the vendor.

REFERENCES
Web Page: http://support.citrix.com/kb/entry.jspa?entryID=4289&categoryID=118... <http://support.citrix.com/kb/entry.jspa?entryID=4289&categoryID=118>

ALERT HISTORY
Version 1: 28 APR 2004.

DISCLAIMER: The threat, impact, risk and days to fix ratings of this alert are not tailored to individual users or organisations. Users or organisations may value alerts differently based upon their circumstances. The information within this alert may change without notice. Use of the information within this alert is governed by the terms of the Subscriber Agreement signed by the user or organisation. Sintelli are not liable for any consequences arising from either following or not following the information contained within this alert.

Copyright (C) 2002-2004 Sintelli Limited
http://www.sintelli.com

--
---------------------------------------------------------------------------
George Yobst, Library Technology Analyst         phone: 503.723.4890
Library Information Network of Clackamas County  fax:   503.794.8238
16239 SE McLoughlin Blvd, Suite 208              web:   http://www.lincc.lib.or.us
Oak Grove, OR 97267-4654                         email: george@xxxxxxxxxxxxxxx

"...it is impossible for anyone to begin to learn what he thinks he already knows." - Epictetus

********************************************************
This week's sponsor - Emergent Online
Emergent delivers end-to-end solutions for private and public sector clients. From centralized application management, business continuity, outsourcing, to application development, security, and messaging solutions.
http://www.go-eol.com/index.asp
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm