Microsoft Host Integration Server Command Execution Vulnerability( 15 October 2008 )
Last Update Date:
28 Jan 2011
Release Date:
15 Oct 2008
5069
Views
RISK: Medium Risk
A remote code execution vulnerability exists in the SNA Remote Procedure Call (RPC) service for Host Integration Server. An attacker could exploit the vulnerability by constructing a specially crafted RPC request. The vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Impact
- Remote Code Execution
System / Technologies affected
- Microsoft Host Integration Server 2000
- Microsoft Host Integration Server 2004
- Microsoft Host Integration Server 2006
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch
- Microsoft Host Integration Server 2000 Service Pack 2 (Server)
- Microsoft Host Integration Server 2000 Administrator Client
- Microsoft Host Integration Server 2004 (Server)
- Microsoft Host Integration Server 2004 Service Pack 1 (Server)
- Microsoft Host Integration Server 2004 (Client)
- Microsoft Host Integration Server 2004 Service Pack 1 (Client)
- Microsoft Host Integration Server 2006 for 32-bit systems
- Microsoft Host Integration Server 2006 for x64-based systems
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with