CVE-2008-3466

Related Files

HP Security Bulletin 2008-01.43

Posted Oct 23, 2008

Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.

tags | advisory, vulnerability

advisories | CVE-2008-4020, CVE-2008-3471, CVE-2008-3477, CVE-2008-4019, CVE-2008-2947, CVE-2008-3472, CVE-2008-3473, CVE-2008-3474, CVE-2008-3475, CVE-2008-3476, CVE-2008-3466, CVE-2008-4023, CVE-2008-2250, CVE-2008-2251, CVE-2008-2252, CVE-2008-1446, CVE-2008-4038, CVE-2008-4036

SHA-256 | 6070bad84d5022ca04799b12d6ce60b15fd554e948e8ef474e0352b147691bcb

Download | Favorite | View

iDEFENSE Security Advisory 2008-10-14.1

Posted Oct 14, 2008

Authored by iDefense Labs, Stephen Fewer | Site idefense.com

iDefense Security Advisory 10.14.08 - Remote exploitation of an arbitrary command execution vulnerability in Microsoft Corp.'s Host Integration Server 2006 could allow an attacker to execute arbitrary code with the privileges of the affected service. The RPC interface exposes several methods that an unauthenticated attacker can use to execute arbitrary programs on the server. RPC opcodes 1 and 6 both allow an attacker to call the CreateProcess() function with full control over the application started, as well as the command line passed to it. This allows an attacker to run arbitrary programs on the server. iDefense has confirmed the existence of this vulnerability in Host Integration Server 2006. Previous versions may also be affected.

tags | advisory, remote, arbitrary

advisories | CVE-2008-3466

SHA-256 | b9fe753909d642655b6aa83a4515cd2e1b53dc02408456d1fb3e5c5f01d9aca4

Download | Favorite | View