cve-2006-5821
Vulnerability from cvelistv5
Published
2006-11-10 23:00
Modified
2024-08-07 20:04
Severity ?
Summary
Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption.
References
cve@mitre.orghttp://secunia.com/advisories/22802
cve@mitre.orghttp://securitytracker.com/id?1017205
cve@mitre.orghttp://support.citrix.com/article/CTX111186Patch
cve@mitre.orghttp://www.securityfocus.com/archive/1/451337/100/100/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/20986
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/4429
cve@mitre.orghttp://www.zerodayinitiative.com/advisories/ZDI-06-038.html
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/30148
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22802
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1017205
af854a3a-2127-422b-91ae-364da2661108http://support.citrix.com/article/CTX111186Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/451337/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/20986
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/4429
af854a3a-2127-422b-91ae-364da2661108http://www.zerodayinitiative.com/advisories/ZDI-06-038.html
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/30148
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:04:55.520Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20061109 ZDI-06-038: Citrix MetaFrame IMA Management Module Remote Heap Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/451337/100/100/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-038.html"
          },
          {
            "name": "citrix-ima-management-bo(30148)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30148"
          },
          {
            "name": "1017205",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017205"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.citrix.com/article/CTX111186"
          },
          {
            "name": "20986",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20986"
          },
          {
            "name": "22802",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22802"
          },
          {
            "name": "ADV-2006-4429",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4429"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-11-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20061109 ZDI-06-038: Citrix MetaFrame IMA Management Module Remote Heap Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/451337/100/100/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-038.html"
        },
        {
          "name": "citrix-ima-management-bo(30148)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30148"
        },
        {
          "name": "1017205",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017205"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.citrix.com/article/CTX111186"
        },
        {
          "name": "20986",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20986"
        },
        {
          "name": "22802",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22802"
        },
        {
          "name": "ADV-2006-4429",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4429"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5821",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20061109 ZDI-06-038: Citrix MetaFrame IMA Management Module Remote Heap Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/451337/100/100/threaded"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-06-038.html",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-038.html"
            },
            {
              "name": "citrix-ima-management-bo(30148)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30148"
            },
            {
              "name": "1017205",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017205"
            },
            {
              "name": "http://support.citrix.com/article/CTX111186",
              "refsource": "CONFIRM",
              "url": "http://support.citrix.com/article/CTX111186"
            },
            {
              "name": "20986",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20986"
            },
            {
              "name": "22802",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22802"
            },
            {
              "name": "ADV-2006-4429",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4429"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-5821",
    "datePublished": "2006-11-10T23:00:00",
    "dateReserved": "2006-11-08T00:00:00",
    "dateUpdated": "2024-08-07T20:04:55.520Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-5821\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-11-10T23:07:00.000\",\"lastModified\":\"2024-11-21T00:20:41.510\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento del b\u00fafer basado en mont\u00f3n en la funci\u00f3n IMA_SECURE_DecryptData1 en la ImaSystem.dll para el Citrix MetaFrame XP 1.0 y 2.0, y Presentation Server 3.0 y 4.0, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una petici\u00f3n en el Independent Management Architecture (IMA) al servicio (ImaSrv.exe) con tama\u00f1os de valores no v\u00e1lidos que disparen el desbordamiento durante la desencriptaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:metaframe:1.0:*:windows_2000:*:*:*:*:*\",\"matchCriteriaId\":\"A77E8839-8E33-45E8-B491-C5733C8AB884\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:metaframe:3.0:*:microsoft_windows_2000:*:*:*:*:*\",\"matchCriteriaId\":\"0C88F86F-F07D-4C17-B5D5-EC8F1A69A65A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:64-bit:*:*:*:*:*\",\"matchCriteriaId\":\"E0A76F02-1EB3-4925-B241-91331EAFDDE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:microsoft_windows_2000:*:*:*:*:*\",\"matchCriteriaId\":\"9565EB76-11A0-415F-943A-E9870F5F37D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:microsoft_windows_2003:*:*:*:*:*\",\"matchCriteriaId\":\"A015864E-AF0C-49CA-8961-9CAA830DAE8E\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/22802\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1017205\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.citrix.com/article/CTX111186\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/archive/1/451337/100/100/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/20986\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4429\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-06-038.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/30148\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22802\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1017205\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.citrix.com/article/CTX111186\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/archive/1/451337/100/100/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/20986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/4429\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-06-038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/30148\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.