Vigil@nce: Citrix XenDesktop, bypassing CDM
November 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local authenticated attacker can bypass the Client Drive Mapping
feature of Citrix XenDesktop, in order to access to files.
– Severity: 2/4
– Creation date: 02/11/2011
IMPACTED PRODUCTS
– Citrix XenDesktop
DESCRIPTION OF THE VULNERABILITY
The Client Drive Mapping feature of Citrix XenDesktop is used to
restrict the access to some files.
However, a local authenticated attacker can bypass the Client
Drive Mapping feature of Citrix XenDesktop, in order to access to
files.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Citrix-XenDesktop-bypassing-CDM-11122