CVE-2008-3466 - OpenCVE

Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Host Integration Server 2000 Host Integration Server 2004 Host Integration Server 2006

Configuration 1 [-]

OR	cpe:2.3:a:microsoft:host_integration_server_2000:::::client:::*
	cpe:2.3:a:microsoft:host_integration_server_2000::sp2:::server:::
	cpe:2.3:a:microsoft:host_integration_server_2004:::::client:::*
	cpe:2.3:a:microsoft:host_integration_server_2004:::::server:::*
	cpe:2.3:a:microsoft:host_integration_server_2004::sp1:::server:::
	cpe:2.3:a:microsoft:host_integration_server_2006:::::::x64:*
	cpe:2.3:a:microsoft:host_integration_server_2006:::::::x86:*

No data.

References

Link	Providers
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=745
http://marc.info/?l=bugtraq&m=122479227205998&w=2
http://secunia.com/advisories/32233
http://www.securityfocus.com/bid/31620
http://www.securitytracker.com/id?1021043
http://www.us-cert.gov/cas/techalerts/TA08-288A.html
http://www.vupen.com/english/advisories/2008/2810
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-059
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6075

History

No history.

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2008-10-15T00:00:00

Updated: 2024-08-07T09:37:27.153Z

Reserved: 2008-08-04T00:00:00

Link: CVE-2008-3466

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-10-15T00:12:15.740

Modified: 2018-10-12T21:48:03.247

Link: CVE-2008-3466

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-10-14T00:00:00", "descriptions": [{"lang": "en", "value": "Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka \"HIS Command Execution Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "ADV-2008-2810", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2810"}, {"name": "20081014 Microsoft Host Integration Server 2006 Command Execution Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=745"}, {"name": "31620", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31620"}, {"name": "SSRT080143", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"name": "32233", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32233"}, {"name": "HPSBST02379", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"name": "MS08-059", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-059"}, {"name": "TA08-288A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html"}, {"name": "1021043", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021043"}, {"name": "oval:org.mitre.oval:def:6075", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6075"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2008-3466", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka \"HIS Command Execution Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2008-2810", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2810"}, {"name": "20081014 Microsoft Host Integration Server 2006 Command Execution Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=745"}, {"name": "31620", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31620"}, {"name": "SSRT080143", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"name": "32233", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32233"}, {"name": "HPSBST02379", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"name": "MS08-059", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-059"}, {"name": "TA08-288A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html"}, {"name": "1021043", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021043"}, {"name": "oval:org.mitre.oval:def:6075", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6075"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:37:27.153Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2008-2810", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2810"}, {"name": "20081014 Microsoft Host Integration Server 2006 Command Execution Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=745"}, {"name": "31620", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31620"}, {"name": "SSRT080143", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"name": "32233", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32233"}, {"name": "HPSBST02379", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"name": "MS08-059", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-059"}, {"name": "TA08-288A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html"}, {"name": "1021043", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021043"}, {"name": "oval:org.mitre.oval:def:6075", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6075"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2008-3466", "datePublished": "2008-10-15T00:00:00", "dateReserved": "2008-08-04T00:00:00", "dateUpdated": "2024-08-07T09:37:27.153Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:host_integration_server_2000:*:*:*:*:client:*:*:*", "matchCriteriaId": "8B33F8D8-DCA9-4AD7-A2EE-2E147C0B22BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:host_integration_server_2000:*:sp2:*:*:server:*:*:*", "matchCriteriaId": "3735842E-8460-47DF-80CE-07A1B5B7B2BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:host_integration_server_2004:*:*:*:*:client:*:*:*", "matchCriteriaId": "F36B2527-D82F-4473-988D-64C2222726AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:host_integration_server_2004:*:*:*:*:server:*:*:*", "matchCriteriaId": "0BE2E52C-FEC4-46E4-9466-DFA925798DA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:host_integration_server_2004:*:sp1:*:*:server:*:*:*", "matchCriteriaId": "D9518CB8-38F4-4E11-A652-D2784CBE0F5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:host_integration_server_2006:*:*:*:*:*:*:x64:*", "matchCriteriaId": "7F919C01-85B1-4E0D-BCEF-EDF411814436", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:host_integration_server_2006:*:*:*:*:*:*:x86:*", "matchCriteriaId": "9EE996C0-B973-4584-AA99-2A7832C5F85E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka \"HIS Command Execution Vulnerability.\""}, {"lang": "es", "value": "Microsoft Host Integration Server (HIS) 2000, 2004 y 2006 no limita el acceso RPC a funciones administrativas, lo que permite a atacantes remotos evitar la autentificaci\u00f3n y ejecutar c\u00f3digo de su elecci\u00f3n mediante un mensaje SNA RPC, tambi\u00e9n conocido como \"HIS Command Execution Vulnerability (Vulnerabilidad de Ejecuci\u00f3n de Comandos HIS)\"."}], "id": "CVE-2008-3466", "lastModified": "2018-10-12T21:48:03.247", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-10-15T00:12:15.740", "references": [{"source": "secure@microsoft.com", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=745"}, {"source": "secure@microsoft.com", "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/32233"}, {"source": "secure@microsoft.com", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/31620"}, {"source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1021043"}, {"source": "secure@microsoft.com", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html"}, {"source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2008/2810"}, {"source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-059"}, {"source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6075"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}