Command Execution Vulnerability in Microsoft Host Integration Server
CVE-2008-3466

Currently unrated

Key Information:

Vendor

Microsoft
Status
Host Integration Server 2004
Host Integration Server 2006
Host Integration Server 2000
Vendor
CVE Published:
15 October 2008

What is CVE-2008-3466?

The Microsoft Host Integration Server products from versions 2000 to 2006 are vulnerable due to a lack of restrictions on RPC access to administrative functions. This vulnerability enables remote attackers to bypass authentication mechanisms and execute arbitrary code by sending specially crafted SNA RPC messages using specific opcodes. This can lead to unauthorized command execution, potentially compromising the integrity and security of the affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2008/2810
vdb-entryx_refsource_VUPEN
http://labs.idefense.com/intelligence/vulnerabilities/dis...
third-party-advisoryx_refsource_IDEFENSE
http://www.securityfocus.com/bid/31620
vdb-entryx_refsource_BID

EPSS Score

84% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.