Microsoft Host Integration Server RPC远程命令执行漏洞（MS08-059）

BUGTRAQ ID: 31620 CVECAN ID: CVE-2008-3466 Host Integration Server通过提供应用、数据和网络集成特性，将Microsoft Windows扩展至其它系统。 Host Integration Server的RPC接口所暴露的一些方式允许未经认证的攻击者在服务器上执行任意程序。RPC opcodes 1和6都允许攻击者调用CreateProcess函数并向其传送命令行，这可能导致完全入侵服务器。 Microsoft Host Integration Server 2006 Microsoft Host Integration...

Microsoft Host Integration Server 2006 Command Execution Vulnerability

This module exploits a command-injection vulnerability in Microsoft Host Integration Server 2006. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Host Integration Server 2006 Command...

Microsoft Security Bulletin MS08-059 – Critical Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)

Microsoft Security Bulletin MS08-059 – Critical Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution 956695 Published: October 14, 2008 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Microsof...

Microsoft Host Integration Server Remote Command Execution (MS08-059; CVE-2008-3466)

Microsoft Host Integration Server HIS is a gateway application that provides host access and integration, extending Microsoft Windows to other systems by integrating mission-critical host applications, data sources, messaging, and security systems. A remote code execution vulnerability has been...