CVE-2008-0356 Information

Description

Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier Access Essentials 2.0 and earlier and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513.

Reference

http://secunia.com/advisories/28508 http://support.citrix.com/article/CTX114487 http://www.kb.cert.org/vuls/id/412228 http://www.securityfocus.com/archive/1/486585/100/0/threaded http://www.securityfocus.com/bid/27329 http://www.securitytracker.com/id?1019231 http://www.vupen.com/english/advisories/2008/0172 http://zerodayinitiative.com/advisories/ZDI-08-002.html