Breaking MS applications published via Citrix

From: Chris McNab (chris.mcnab@trustmatta.com)
Date: Mon May 10 2004 - 12:11:11 EDT


Hi,

I've recently seen a number of our clients using Citrix (MetaFrame XP,
NFuse, and Secure Gateway) to provide remote access via HTTP+SSL to
published MS Office 2000 applications (Word, Excel, PowerPoint), Internet
Explorer 6, and other home-grown applications. In terms of hardening, the
underlying application servers usually run Win2K Advanced Server, and are
part of an Active Directory, so I recommend some strict permissions on
executables (cmd.exe, net.exe, wscript.exe, regedt32.exe, etc.), folders,
and registry keys as far as the 'AnonXXX' Citrix users are concerned, and
object access auditing of potentially sensitive files through Group Policy
Objects, to act as an early warning mechanism.

What I'd like to know is if any of you have experience with breaking
published MS applications through Citrix in this way--in particular MS
Office and Internet Explorer 6 to run arbitrary code on the Citrix
application server. URLs to work that's already been done would be great
too.

Thanks,

Chris

Chris McNab
Technical Director

Matta
18 Noel Street
London W1F 8GN

http://www.trustmatta.com




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:53 EDT