[THIN] Re: PN Agent 8 vulnerability....

http://support.citrix.com/kb/entry.jspa?externalID=ctx106223

 

It tells you how to do the whole msiexec /a ica32pkg.msi, but it doesn't go
into details.

 

Simply to change appsrv.src, for example, you would run: msiexec /a
ica32pkg.msi and choose to extract all the files to a location such as
c:\ica32pkg\

 

Make your modifications under the c:\ica32pkg\ directory tree.

 

Then rerun: msiexec /a ica32pkg.msi and choose the third option, which is to
compile everything into one .msi file. Note: Use the ica32pkg.msi in the
c:\ica32pkg\ directory and not the one you used to extract. Point the
destination to something like c:\ica32pkg2\ and you're all set.

 

Joe

 

  _____  

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Matthew Shrewsbury
Sent: Friday, April 29, 2005 11:13 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: PN Agent 8 vulnerability....

 

Do you have a link on how to do that?

 

Matthew Shrewsbury, MCSE+Internet MCSE 2000 CCA Server+

Senior Network Administrator

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Joe Shonk
Sent: Friday, April 29, 2005 2:08 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: PN Agent 8 vulnerability....

 

I'll tell you what. The ability to customize and repackage the ICA Install
package in 8/9 is really cool.

 

Joe

 

  _____  

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Jim Kenzig Kenzig.com
Sent: Friday, April 29, 2005 9:30 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: PN Agent 8 vulnerability....

 

Don't beat up on them..the version 9 MSI is now available.

http://download2.citrix.com/FILES/en/products/client/ica/client9.0/Ica32Pkg.msi

JK

Joe Shonk  wrote:

CTX Version: http://support.citrix.com/kb/entry.jspa?externalID=CTX105650

 

Nice of them NOT to fix the 8.x client. 9 is their recommendation, yet 9 just
got pulled! Nice. Now we have someone other than Microsoft to beat up on.

 

Joe

 


  _____  


From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Jim Kenzig http://thethin.net
Sent: Friday, April 29, 2005 9:02 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] PN Agent 8 vulnerability....

 


From secunia.com....

Secunia Advisory: SA15108

Release Date: 2005-04-26

Last Update: 2005-04-27

http://secunia.com/advisories/15108/

Moderately critical

Impact: System access

Where: From remote

Solution Status: Vendor Patch

Software: Citrix Program Neighborhood Agent 8.x <http://secunia.com/product/4287/>


Description:
Patrik Karlsson has reported two vulnerabilities in Citrix Program
Neighborhood Agent, which can be exploited by malicious people to compromise
a user's system.

1) A boundary error in the caching of information received from servers can
be exploited to cause a stack-based buffer overflow and execute arbitrary
code on a client system.

2) A design error allows arbitrary shortcuts to be created on a client
system with the privileges of the logged in user. This can be exploited to
e.g. execute arbitrary programs when a user logs in the next time by placing
a shortcut in the Startup folder.

Successful exploitation requires that the client has been configured to
point to a malicious server.

The following clients are affected:
* Program Neighborhood Agent for Win32
* Citrix MetaFrame Presentation Server client for WinCE (versions including
Program Neighborhood Agent)

Solution:
The vulnerabilities have been addressed in the listed client versions below,
which are available at:
http://www.citrix.com/English/SS/downloads/downloads.asp?dID=2755

* Program Neighborhood Agent for Win32 versions 9.0 and later.
* Citrix MetaFrame Presentation Server client for WinCE versions 8.33 and
later.

Provided and/or discovered by:
Patrik Karlsson

Changelog:
2005-04-27: Added additional information provided by iDEFENSE.

Original Advisory:
Citrix:
http://support.citrix.com/kb/entry.jspa?entryID=6156&categoryID=149

iDEFENSE:
http://www.idefense.com/application/poi/display?id=237&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=238&type=vulnerabilities


 


Please note: The information, which this Secunia Advisory is based upon,
comes from third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued
by security research groups, vendors, and others.


 

 
