Vulnerabilities > CVE-2006-5861 - Denial-Of-Service vulnerability in Citrix Metaframe and Metaframe Presentation Server

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

citrix

NVD

Published: 2006-11-10

Updated: 2017-07-20

Summary

The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the service to access an unmapped memory address and triggers an unhandled exception.

Vulnerable Configurations

Part	Description	Count
Application	Citrix Citrix Metaframe 1.0 Citrix Metaframe 2.0 Citrix Metaframe Presentation Server 3.0 Citrix Metaframe Presentation Server 4.0	4

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=441
http://secunia.com/advisories/22802
http://securitytracker.com/id?1017205
http://support.citrix.com/article/CTX111186
http://www.securityfocus.com/bid/20986
http://www.vupen.com/english/advisories/2006/4429
https://exchange.xforce.ibmcloud.com/vulnerabilities/30156