Microsoft Host Integration Server RPC Remote Command Execution Vulnerability (MS08-059)

2008-10-16T00:00:00
ID SSV:4246
Type seebug
Reporter Root
Modified 2008-10-16T00:00:00

Description

BUGTRAQ ID: 31620
CVE(CAN) ID: CVE-2008-3466

Host Integration Server extends Microsoft Windows to other systems by providing application, data, and network integration features.

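Some methods exposed by the RPC interface of Host Integration Server allow an unauthenticated attacker to execute arbitrary programs on the server. RPC opcodes 1 and 6 both allow an attacker to call the CreateProcess() function and pass it a command line, which can lead to complete compromise of the server.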

Microsoft Host Integration Server 2006
Microsoft Host Integration Server 2004 SP1
Microsoft Host Integration Server 2004
Microsoft Host Integration Server 2000 Administrator Client
Microsoft Host Integration Server 2000 SP2
Microsoft


Microsoft has released a security bulletin (MS08-059) and corresponding patches for this issue:

MS08-059: Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695)
Link: http://www.microsoft.com/technet/security/Bulletin/MS08-059.mspx?pf=true