AusCERT - ESB-2012.0493 - [Win] Citrix XenApp: Denial of service

HOME
About AusCERT
Membership
PKI Services
Publications
Sec. Bulletins
Conferences
News & Media
Services
Web Log
Site Map
Site Help
Member login
ESB-2012.0493 - [Win] Citrix XenApp: Denial of service - Remote/unauthenticated
Date: 24 May 2012

Click here for printable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2012.0493
     Vulnerability in Citrix XenApp could result in denial of service
                                24 May 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Feature Pack 1 for Presentation Server 4.5
                   Presentation Server 4.5 SE Edition
                   Presentation Server 4.5 for Windows Server 2003
                   Presentation Server 4.5 for Windows Server 2003 x64 Edition
                   XenApp 5.0 for Windows Server 2003 x64
                   XenApp 5.0 for Windows Server 2003 x86
                   XenApp 6.0 for Windows Server 2008 R2
                   XenApp 6.5 for Windows Server 2008 R2
                   XenApp Fundamentals 2.0
                   XenApp Fundamentals 3.0
                   XenApp Fundamentals 6.0 for Windows Server 2008 R2
Publisher:         Citrix
Operating System:  Windows
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade

Original Bulletin: 
   http://support.citrix.com/article/CTX133159

- --------------------------BEGIN INCLUDED TEXT--------------------

Vulnerability in Citrix XenApp could result in denial of service.
Document ID: CTX133159   
Created On: May 22, 2012 
Updated On: May 22, 2012
Average Rating: not yet rated

Severity: Low

Description of Problem

A vulnerability has been identified in Citrix XenApp that, when triggered, 
could result in a denial of service.

This vulnerability is present in all versions of Citrix XenApp, formerly known 
as Presentation Server, up to and including version 6.5.

Mitigating Factors

In order to trigger this vulnerability, an attacker would need to be able to 
directly access the XenApp server. When deployed according to established best
practice, the XenApp server would not be directly exposed and an Internet-based 
attacker would not be able to trigger this vulnerability.

What Customers Should Do

A hotfix has been released to address this issue. Citrix recommends that 
affected customers install this hotfix, which can be downloaded from the 
following locations:

Citrix XenApp 6.5 for Windows Server 2008 R2:

EN - http://support.citrix.com/article/CTX133001

FR - http://support.citrix.com/article/CTX133229

DE - http://support.citrix.com/article/CTX133230

JA - http://support.citrix.com/article/CTX133231

Citrix XenApp 6.0 for Windows Server 2008 R2:

EN - http://support.citrix.com/article/CTX130473

FR - http://support.citrix.com/article/CTX131529

DE - http://support.citrix.com/article/CTX131527

JA - http://support.citrix.com/article/CTX131528

ES - http://support.citrix.com/article/CTX131530

SC - http://support.citrix.com/article/CTX131531

Citrix XenApp 5 for Windows Server 2008 64-bit Edition:

EN - http://support.citrix.com/article/CTX133131

FR - http://support.citrix.com/article/CTX133134

DE - http://support.citrix.com/article/CTX133132

JA - http://support.citrix.com/article/CTX133133

ES - http://support.citrix.com/article/CTX133135

Citrix XenApp 5 for Windows Server 2008 32-bit Edition:

EN - http://support.citrix.com/article/CTX133126

FR - http://support.citrix.com/article/CTX133129

DE - http://support.citrix.com/article/CTX133127

JA - http://support.citrix.com/article/CTX133128

ES - http://support.citrix.com/article/CTX133130

Citrix Presentation Server 4.5/XenApp 5 for Windows Server 2003 64-bit Edition:

EN - http://support.citrix.com/article/CTX133360

FR - http://support.citrix.com/article/CTX133363

DE - http://support.citrix.com/article/CTX133361

JA - http://support.citrix.com/article/CTX133362

ES - http://support.citrix.com/article/CTX133364

Citrix Presentation Server 4.5/XenApp 5 for Windows Server 2003 32-bit Edition:

EN - http://support.citrix.com/article/CTX133359

FR - http://support.citrix.com/article/CTX133367

DE - http://support.citrix.com/article/CTX133365

JA - http://support.citrix.com/article/CTX133366

ES - http://support.citrix.com/article/CTX133368

Acknowledgements

Citrix thanks the following for working with us to protect Citrix Customers:

     Xiaopeng Zhang of Fortinet's FortiGuard Labs (http://www.fortinet.com)

     Alex Chapman of Context Information Security Ltd. 
     (http://www.contextis.co.uk/)

What Citrix Is Doing

Citrix is notifying customers and channel partners about this potential 
security issue. This article is also available from the Citrix Knowledge Center 
at http://support.citrix.com/.

Obtaining Support on This Issue

If you require technical assistance with this issue, please contact Citrix 
Technical Support. Contact details for Citrix Technical Support are available 
at http://www.citrix.com/site/ss/supportContacts.asp.

Reporting Security Vulnerabilities to Citrix

Citrix welcomes input regarding the security of its products and considers any 
and all potential vulnerabilities seriously. If you would like to report a 
security issue to Citrix, please compose an e-mail to secure@citrix.com stating 
the exact version of the product in which the vulnerability was found and the 
steps needed to reproduce the vulnerability.

This document applies to:

    Feature Pack 1 for Presentation Server 4.5
    Presentation Server 4.5 SE Edition
    Presentation Server 4.5 for Windows Server 2003
    Presentation Server 4.5 for Windows Server 2003 x64 Edition
    XenApp 5.0 for Windows Server 2003 x64
    XenApp 5.0 for Windows Server 2003 x86
    XenApp 6.0 for Windows Server 2008 R2
    XenApp 6.5 for Windows Server 2008 R2
    XenApp Fundamentals 2.0
    XenApp Fundamentals 3.0
    XenApp Fundamentals 6.0 for Windows Server 2008 R2

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBT72V4O4yVqjM2NGpAQK8vxAAtcyWBsP/tGU5pvtOHhyNp3tov961ej03
8a+Zx0XOrGA+0HCaaZ92NUeMurOTeVUYRckouwWq9/L9YvHyRsWjWSt/aFub7MOC
d4trUzigM5C/MrqjwV3pMA8aglxhDpE5Jhpc5dfAJlpj9YFCZy7+u66FmXECy/Om
iGP+IP7Jhp2qUVeTB19bbBSwSLsQ/BGsinUh/aoPoP//+dLZq7ckh69rWT3Go+xI
sYGfo1w9jBb7Dovn/TQV6q7zm8RpGSsYeobHuQ+Z+w0YpsD+qOhEcYKUEISfBtQQ
yHOtgWaxrREyv/r2retTxDXuT7DnnOsePrBBLdYILSsQ8R40ES3TI8vdP92vf4t3
EjsWq7ZS/oRw4NCmhBshbOochQLwnKQ38h9suWu+fHOTctZWy3M8uYFxf4oBPcSh
SqO3+5//asQuW9k70RxGOd3PlC4fxdybmbIi72yaLtDse2+kEX2eDDixVSYgLZbX
jMr/fxJcphGCnRi5abVTHsRzwXIXIm7cPi4tPa2c1seNSz/iaKH9n9MoXVKsd0zR
D/AtFvpD3syHaQ1OyJpM/PADnwgxSnEG9OU90oUVVRBI1sYI+W/kMHj8495o4Ts0
Rw8j3mdMP/5UMim6ozczVN57zTnmTJSbZgSuTfi33/exSPDdGS+sp28HdaCjsQhZ
NwlT8BBoyJE=
=WAlF
-----END PGP SIGNATURE-----