漏洞信息详情
Citrix MetaFrame XP 不安全的ACL安装注册表键特权提升漏洞
- CNNVD编号:CNNVD-200607-385
- 危害等级: 低危
- CVE编号: CVE-2006-3779
- 漏洞类型: 访问验证错误
- 发布时间: 2006-07-24
- 威胁类型: 远程
- 更新时间: 2006-08-07
- 厂 商: citrix
- 漏洞来源: The vendor has dis...
漏洞简介
Citrix MetaFrame XP 1.0 Feature 1之前版本除在Windows Server 2003上运行时以外,以不安全的ACL安装注册表键,可以使远程认证用户获得特权。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Citrix MetaFrame 1.8
Citrix Hotfix XE104R02W2K3018 - For MetaFrame XP 1.0 for Windows Server 2003
http://support.citrix.com/hotfixes.jspa?categoryID=120&subCategoryID=120&spLevels=&languages=English&productVersion=Citrix%20MetaFrame%20XP%201.0%20for%20Microsoft%20Windows%202003&productName=MetaFrame%20XP%201.0%20for%20Microsoft%20Windows%202003
Citrix MetaFrame Presentation Server 3.0
Citrix Hotfix MPSE300R05W2K3006 - For Metaframe Presentation Server 3.0 for Windows Server 2003
http://support.citrix.com/article/CTX110199
参考网址
来源: BID
名称: 19056
链接:http://www.securityfocus.com/bid/19056
来源: VUPEN
名称: ADV-2006-2862
链接:http://www.frsirt.com/english/advisories/2006/2862
来源: support.citrix.com
链接:http://support.citrix.com/article/CTX110492
来源: SECUNIA
名称: 21076
链接:http://secunia.com/advisories/21076
来源: SECTRACK
名称: 1016526
链接:http://securitytracker.com/id?1016526
受影响实体
- Citrix Metaframe:1.8:Microsoft_nt_4.0_server_terminal_server
- Citrix Metaframe:1.8:Microsoft_windows_2000
- Citrix Metaframe_presentation_server:3.0:Microsoft_windows_2000
- Citrix Presentation_server:4.0:Microsoft_windows_2000
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论