RSS   Vulnerabilities for 'Host integration server'   RSS

2008-10-14
 
CVE-2008-3466

CWE-287
 

 
Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability."

 

 >>> Vendor: Microsft 2 Products
Host integration server
Open xml file format converter


Copyright 2024, cxsecurity.com

 

Back to Top