1 results (0.003 seconds)
CVSS: 10.0EPSS: 97%CPEs: 7EXPL: 2
CVSS: 10.0EPSS: 97%CPEs: 7EXPL: 2CVE-2008-3466 – Microsoft Host Integration Server 2006 Command Execution
https://notcve.org/view.php?id=CVE-2008-3466
15 Oct 2008 — Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability." Microsoft Host Integration Server (HIS) 2000, 2004 y 2006 no limita el acceso RPC a funciones administrativas, lo que permite a atacantes remotos evitar la autentificación y ejecuta... • https://packetstorm.news/files/id/180806 • CWE-287: Improper Authentication •