Check Point Advisories

Citrix Provisioning Services Opcode Stack Buffer Overflow

Check Point Reference: CPAI-2011-114
Date Published: 12 Aug 2011
Severity: Critical
Last Updated: Saturday 01 January, 2011
Source:
Protection Provided by:
Who is Vulnerable? Citrix Systems Provisioning Services 5.6 and prior
Vulnerability Description: A stack buffer overflow vulnerability exists in Citrix Provisioning Services. The vulnerability is due to an error when handling packets sent to the Provisioning Services server.
Update/Patch Available: CTX127149
Vulnerability Details: The vulnerable service allocates a fixed-size stack buffer and copies user-provided data into it without length validation. An attacker could exploit this vulnerability by sending a crafted packet that overflows the buffer. Successful exploitation results in injection and execution of arbitrary code within the security context of the service, or in a Denial of Service condition.
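
The missing length validation, shown as an added C example that is not Citrix or Check Point code: a packet handler that checks the sender-supplied length against both the bytes received and the stack buffer's capacity before copying. The header layout, opcode value, buffer size and function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical wire layout (assumed for illustration, not the real protocol):
 * 2-byte opcode, 2-byte payload length (little-endian), then the payload. */
#define HDR_LEN     4u
#define PAYLOAD_MAX 64u   /* capacity of the fixed stack buffer */

enum { PKT_OK = 0, PKT_TRUNCATED = -1, PKT_LEN_MISMATCH = -2, PKT_TOO_LARGE = -3 };

static uint16_t rd16le(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Returns PKT_OK and stores a byte sum in *sum, or a negative status on rejection. */
int handle_packet(const uint8_t *pkt, size_t pkt_len, uint32_t *sum)
{
    uint8_t payload[PAYLOAD_MAX];          /* fixed-size stack buffer */
    if (pkt_len < HDR_LEN)
        return PKT_TRUNCATED;
    size_t declared = rd16le(pkt + 2);     /* sender-controlled length field */

    /* The length field must describe exactly the bytes that were received ... */
    if (declared != pkt_len - HDR_LEN)
        return PKT_LEN_MISMATCH;
    /* ... and must fit the destination; the advisory's flaw is a copy without this. */
    if (declared > sizeof payload)
        return PKT_TOO_LARGE;

    memcpy(payload, pkt + HDR_LEN, declared);
    *sum = rd16le(pkt);                    /* stand-in for per-opcode processing */
    for (size_t i = 0; i < declared; i++)
        *sum += payload[i];
    return PKT_OK;
}

/* Builds a constructed packet (opcode 0x0010, 0x41 filler) and returns the verdict. */
int try_packet(uint16_t declared, size_t actual)
{
    static uint8_t pkt[HDR_LEN + 512];
    uint32_t sum = 0;
    if (actual > 512)
        return PKT_TRUNCATED;
    memset(pkt, 0x41, sizeof pkt);
    pkt[0] = 0x10; pkt[1] = 0x00;
    pkt[2] = (uint8_t)(declared & 0xff); pkt[3] = (uint8_t)(declared >> 8);
    return handle_packet(pkt, HDR_LEN + actual, &sum);
}

int main(void) { return try_packet(64, 64) == PKT_OK ? 0 : 1; }
```

Rejected packets are worth logging with their status code, since repeated `PKT_TOO_LARGE` or `PKT_LEN_MISMATCH` results from one peer indicate malformed or probing traffic.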

Protection Overview
