Severity: Low
Description of Problem
A vulnerability has been identified in Citrix XenApp that, when triggered, could result in a denial of service.
This vulnerability is present in all versions of Citrix XenApp, formerly known as Presentation Server, up to and including version 6.5.
Mitigating Factors
In order to trigger this vulnerability, an attacker would need to be able to directly access the XenApp server. When deployed according to established best practice, the XenApp server would not be directly exposed and an Internet-based attacker would not be able to trigger this vulnerability.
What Customers Should Do
A hotfix has been released to address this issue. Citrix recommends that affected customers install this hotfix, which can be downloaded from the following locations:
Citrix XenApp 6.5 for Windows Server 2008 R2:
EN – http://support.citrix.com/article/CTX133001
FR – http://support.citrix.com/article/CTX133229
DE – http://support.citrix.com/article/CTX133230
JA – http://support.citrix.com/article/CTX133231
Citrix XenApp 6.0 for Windows Server 2008 R2:
EN – http://support.citrix.com/article/CTX130473
FR – http://support.citrix.com/article/CTX131529
DE – http://support.citrix.com/article/CTX131527
JA – http://support.citrix.com/article/CTX131528
ES – http://support.citrix.com/article/CTX131530
SC – http://support.citrix.com/article/CTX131531
Citrix XenApp 5 for Windows Server 2008 64-bit Edition:
EN – http://support.citrix.com/article/CTX133131
FR – http://support.citrix.com/article/CTX133134
DE – http://support.citrix.com/article/CTX133132
JA – http://support.citrix.com/article/CTX133133
ES – http://support.citrix.com/article/CTX133135
Citrix XenApp 5 for Windows Server 2008 32-bit Edition:
EN – http://support.citrix.com/article/CTX133126
FR – http://support.citrix.com/article/CTX133129
DE – http://support.citrix.com/article/CTX133127
JA – http://support.citrix.com/article/CTX133128
ES – http://support.citrix.com/article/CTX133130
Citrix Presentation Server 4.5/XenApp 5 for Windows Server 2003 64-bit Edition:
EN – http://support.citrix.com/article/CTX133360
FR – http://support.citrix.com/article/CTX133363
DE – http://support.citrix.com/article/CTX133361
JA – http://support.citrix.com/article/CTX133362
ES – http://support.citrix.com/article/CTX133364
Citrix Presentation Server 4.5/XenApp 5 for Windows Server 2003 32-bit Edition:
EN – http://support.citrix.com/article/CTX133359
FR – http://support.citrix.com/article/CTX133367
DE – http://support.citrix.com/article/CTX133365
JA – http://support.citrix.com/article/CTX133366
ES – http://support.citrix.com/article/CTX133368
You can read the original post here at the Citrix knowledgebase.