Citrix Presentation Server Clients Program Neighborhood Agent (PNAgent) Content Redirection Remote DoS

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by
multiple issues.

Description :

Citrix Presentation Server Client is installed on the remote host. It
is used to access published resources such as applications stored on
servers running Citrix Presentation Server.

The Program Neighborhood Agent component of the version of Citrix
Presentation Server Client on the remote host may allow for arbitrary
code execution if a user can be tricked into manually launching a
specially crafted file associated with the Program Neighborhood Agent.

It may also exit unexpectedly when attempting to access a file using
content redirection when its path exceeds 200 characters.

See also :

http://support.citrix.com/article/CTX113543
http://support.citrix.com/article/CTX113919

Solution :

Upgrade to Citrix Presentation Server Client for Windows version
10.100 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 25682 (citrix_ica_pnagent_long_file_dos.nasl)

Bugtraq ID: 24790

CVE ID: CVE-2007-3625

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now