[NT] Citrix NFuse Information Leak

From: support@securiteam.com
Date: 01/24/02 

From: support@securiteam.com
To: list@securiteam.com
Date: Thu, 24 Jan 2002 22:38:59 +0100 (CET)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  Citrix NFuse Information Leak
------------------------------------------------------------------------

SUMMARY

Citrix NFuse is an application portal that provides organizations with the
ability to integrate and publish interactive applications into any
standard web browser. NFuse is a three-tier solution that includes a
Citrix Server component, a Web Server component, and a Citrix ICA client
component with a web browser. A security vulnerability in the product
allows attackers to find out what applications are currently installed
under the Citrix server, this gaining a possibility sensitive information.

DETAILS

Vulnerable systems:
Citrix NFuse version 1.6

If you go to an NFuse servers 'applist.asp' page without first
authenticating it reveals a list of all the applications that are
configured as published applications.

ADDITIONAL INFORMATION

The information has been provided by <mailto:Tom.Lyne@kamino.com> Tom
Lyne.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Relevant Pages

  • Re: Terminal Services question
    ... improving security over that right away by renaming the administrator ... >> essentially anyone can connect via RDP to your server right through your ... >> involving Citrix are using the Citrix Extranet client and NFuse. ... >> server you can control access to applications on a per application basis ...
    (microsoft.public.windows.server.general)
  • Re: Simulate mouse movement?
    ... If yours is anything like Citrix's implementation of this security ... We wanted to leave them on overnight logged into Citrix to run ... > The screensaver is disabled and I've set the screen to never go blank ... > the mouse by API calls. ...
    (microsoft.public.vb.general.discussion)
  • Re: Least User Priviledges for Network Administrators
    ... We've already covered most of the other security issues that you mentioned. ... We use Citrix in place of TS. ... administer local PCs have rights only on the PC--those accounts have no ... or helpdesk work should never be done under a Domain Admin account, ...
    (microsoft.public.windowsxp.security_admin)
  • RE: Pentesting a Citrix Network
    ... The HTTP server is related to the ... If you take a Citrix ICA ... >> This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • [NT] Citrix Presentation/MetaFrame Server Privilege Escalation
    ... Get your security news from a reliable source. ... Citrix Presentation/MetaFrame Server Privilege Escalation ... Citrix Metaframe Presentation server version 3.0 ...
    (Securiteam)