Citrix Provisioning Services Unspecified Request Parsing Remote Code Execution (CTX133039) (uncredentialed check)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by a code
execution vulnerability.

Description :

The version of Citrix Provisioning Services installed on the remote
Windows host is affected by an unspecified vulnerability that can be
exploited by an unauthenticated, remote attacker to execute arbitrary
code on the remote host with SYSTEM privileges.

See also :

http://support.citrix.com/article/CTX133039

Solution :

Apply the relevant patch from the vendor's advisory.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 59465 ()

Bugtraq ID: 53330

CVE ID: CVE-2012-4068