Strike ID:
E13-jcq01
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
1
Year:
2011

Description

This strike exploits a vulnerability found on the Citrix Provisioning Service. A specially crafted packet sent to the service associated with the streamprocess.exe executable listening on UDP/6905 will generate a buffer overflow and can subsequently lead to remote system takeover.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{70597}