CVE-2006-5861
published 2006-11-10CVE-2006-5861: The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote…
PriorityP422medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
4.42%
90.1th percentile
The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the service to access an unmapped memory address and triggers an unhandled exception.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | metaframe | — | — |
| citrix | metaframe | — | — |
| citrix | metaframe_presentation_server | — | — |
| citrix | metaframe_presentation_server | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenserver | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Citrix
Citrix Security Bulletin CTX111186
vendor_citrix·CVSS 7.5
CVE-2006-5821 [HIGH] Citrix Security Bulletin CTX111186
Citrix Security Bulletin CTX111186
CVE References: CVE-2006-5821, CVE-2006-5861, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
GHSA
GHSA-wfw3-5vj5-32f2: The Independent Management Architecture (IMA) service (ImaSrv
ghsa_unreviewed·2022-05-01
CVE-2006-5861 [MEDIUM] GHSA-wfw3-5vj5-32f2: The Independent Management Architecture (IMA) service (ImaSrv
The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the service to access an unmapped memory address and triggers an unhandled exception.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=441http://secunia.com/advisories/22802http://securitytracker.com/id?1017205http://support.citrix.com/article/CTX111186http://www.securityfocus.com/bid/20986http://www.vupen.com/english/advisories/2006/4429https://exchange.xforce.ibmcloud.com/vulnerabilities/30156http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=441http://secunia.com/advisories/22802http://securitytracker.com/id?1017205http://support.citrix.com/article/CTX111186http://www.securityfocus.com/bid/20986http://www.vupen.com/english/advisories/2006/4429https://exchange.xforce.ibmcloud.com/vulnerabilities/30156
2006-11-10
Published