CVE-2001-0908
First published: Wed Nov 21 2001(Updated: )
CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Citrix MetaFrame | =1.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0908?
CVE-2001-0908 is considered a high severity vulnerability due to the ability of clients to spoof their public IP address.
How do I fix CVE-2001-0908?
To fix CVE-2001-0908, you should upgrade to a newer version of Citrix MetaFrame that addresses this vulnerability.
What does CVE-2001-0908 affect?
CVE-2001-0908 affects Citrix MetaFrame version 1.8.
What is the impact of CVE-2001-0908?
The impact of CVE-2001-0908 is that it allows unauthorized access and potential abuse of the system by spoofing IP addresses.
Is CVE-2001-0908 still relevant today?
CVE-2001-0908 remains relevant for organizations that still utilize Citrix MetaFrame 1.8, exposing them to IP spoofing risks.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/citrix
- canonical/citrix metaframe
- version/citrix metaframe/1.8