Citrix / NetWare privilege escalation

Secunia Advisory: SA7915
Release Date: 2003-01-21
Popularity: 5,774 views
Critical: Less critical
Impact: Privilege escalation
Where: From local network
Solution Status: Unpatched
Software: Citrix MetaFrame XP for Windows 1.x

Description: Configurations in which users on Citrix systems log on to NetWare networks may allow users to elevate their privileges.
If a user logs on to the MetaFrame server through an ICA client and does not log in to the NetWare network before sending a print job, a login prompt appears on the screen of the MetaFrame server.
If an administrator enters the username and password at that prompt, the user who originally logged on to the MetaFrame server and requested the print job will have escalated his rights on the MetaFrame server to those of the person logged on to the console of the MetaFrame server.
This has been tested on MetaFrame XP running on Windows 2000 with NetWare client 4.83.
Solution: A temporary workaround could be to stop the Novell client from prompting for the password:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10024829.htm
Provided and/or discovered by: Steinar Kleven

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.