New Vulnerability Found in Citrix Presentation Server Client for Windows 

Mar 01, 2007 03:00 AM

This is the first guest blog post from the Juniper Security Research Lab. We wish to thank our partners at Symantec for allowing us to use this forum and further show the value in our partnership that was announced last September.

Today marks the first vendor-acknowledged vulnerability that was found by a Juniper Security Researcher. The vulnerability was found by Karl Lynn and is a Buffer Overflow in the Citrix Presentation Server Client for Windows. If successfully exploited, this vulnerability can allow for remote code execution. When exploited, the malicious code will run in the context of the logged-in user.

We will not be releasing a separate advisory from the vendor release and we do strongly recommend that those using this software install the patch from Citrix. Users of our IDP can rest assured that they are protected against this vulnerability with our latest signature update. You can read the Citrix advisory and get the patch from Citrix here, and you can find the SecurityFocus Bugtraq write-up here. We wish to thank the Security Response Team over at Citrix for working with us on this issue to protect our mutual customers.

The Juniper Security Engineering and Research team is committed to performing in-depth research to identify security vulnerabilities in popular applications, operating systems, and network devices. We believe in responsible disclosure and will work very closely with all vendors to ensure that a patch is developed and released in a timely manner. Please contact the Juniper Networks Public Relations team if you would like to discuss this vulnerability in more detail.
