Citrix MetaFrame False IP Address Vulnerability

Citrix MetaFrame is a remote application server used for terminal service type environments.

An issue exists in Citrix MetaFrame, which could allow a user to have a false IP addresss logged. When a client connects, the client host name and network address are transmitted from the client to the server as part of the ICA Protocol. The server records this information when logging the client connection, rather than obtaining the actual network address of the client host from the operating system's TCP/IP implementation.


Privacy Statement
Copyright 2010, SecurityFocus