This is a few days old but, there is apparently working exploit code on the loose. From the Citrix website:
Severity: High
Description of Problem
The Citrix print provider is used by Citrix Presentation Server to allow users to print to their local printer from published applications. A buffer overflow vulnerability has been reported in this component, this can be exploited by either:
• A local API call
• An unauthenticated RPC request
This overflow could be used to execute arbitrary code in the context of the Local System account.
This vulnerability is present in all versions of Citrix MetaFrame XP and Presentation Server up to and including 4.0.
Mitigating Factors
Access to the RPC interface would be needed to remotely exploit this issue. In typical deployments of Citrix Presentation Server this interface would not be externally accessible.
Tags: Citrix Exploit, Exploit, Privilege Escalation
