CVE-2001-0908

Published: Nov 21, 2001Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).

Affected (1)

Products: Citrix: Metaframe

Citrix

1 product

Metaframe

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Citrix Metaframe	Version 1.8

References (6)

http://marc.info/?l=bugtraq&m=100638693315933&w=2

Source: cve@mitre.org

http://www.securityfocus.com/bid/3566

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/7538

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=100638693315933&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3566

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/7538

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.