This host is installed with Citrix Provisioning Services and is prone to remote code execution vulnerability.
Successful exploitation could allow remote attackers to execute arbitrary code in the context of the SYSTEM user. Impact Level: Application/System
Upgrade to Citrix Provisioning Services version 5.6 SP1 or later, For updates refer to http://support.citrix.com/article/CTX127123
The flaw is due to an error in the 'streamprocess.exe' component when handling a '0x40020010' type packet. This can be exploited to cause a stack based buffer overflow via a specially crafted packet sent to UDP port 6905.
Citrix Provisioning Services version 5.6 and prior.
- Adobe Shockwave Player 3D Model Buffer Overflow Vulnerabilities
- BaoFeng Storm ActiveX Control Buffer Overflow Vulnerability
- Active Perl 'Perl_repeatcpy()' Function Buffer Overflow Vulnerability (Windows)
- Apple Safari 'CSS' Buffer Overflow Vulnerability (Win) - Dec09
- Adobe Air Buffer Overflow Vulnerability (Windows)