CVE-2008-3466

NONECVSS 0.0

0.0

Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability."

🔗 References (18)

secure@microsofthttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=745
secure@microsofthttp://marc.info/?l=bugtraq&m=122479227205998&w=2
secure@microsofthttp://secunia.com/advisories/32233
secure@microsofthttp://www.securityfocus.com/bid/31620
secure@microsofthttp://www.securitytracker.com/id?1021043
secure@microsofthttp://www.us-cert.gov/cas/techalerts/TA08-288A.html
secure@microsofthttp://www.vupen.com/english/advisories/2008/2810
secure@microsofthttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-059
secure@microsofthttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6075
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=745
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122479227205998&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32233
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31620
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021043
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA08-288A.html

Is Your Infrastructure Affected by CVE-2008-3466?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-3466

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-3466?