iDefense Security Advisory 10.14.08 - Remote exploitation of an arbitrary command execution vulnerability in Microsoft Corp.'s Host Integration Server 2006 could allow an attacker to execute arbitrary code with the privileges of the affected service. The RPC interface exposes several methods that an unauthenticated attacker can use to execute arbitrary programs on the server. RPC opcodes 1 and 6 both allow an attacker to call the CreateProcess() function with full control over the application started, as well as the command line passed to it. This allows an attacker to run arbitrary programs on the server. iDefense has confirmed the existence of this vulnerability in Host Integration Server 2006. Previous versions may also be affected.
b9fe753909d642655b6aa83a4515cd2e1b53dc02408456d1fb3e5c5f01d9aca4