[NT] Vulnerability in Host Integration Server RPC Service Allows Code Execution (MS08-059)
- From: SecuriTeam <support@xxxxxxxxxxxxxx>
- Date: 15 Oct 2008 10:44:36 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
Vulnerability in Host Integration Server RPC Service Allows Code Execution
(MS08-059)
------------------------------------------------------------------------
SUMMARY
This security update resolves a privately reported vulnerability in
Microsoft Host Integration Server. The vulnerability could allow remote
code execution if an attacker sent a specially crafted Remote Procedure
Call (RPC) request to an affected system. Customers who follow best
practices and configure the SNA RPC service account to have fewer user
rights on the system could be less impacted than customers who configure
the SNA RPC service account to have administrative user rights.
This security update is rated Critical for all supported editions of
Microsoft Host Integration Server 2000, Microsoft Host Integration Server
2004, and Microsoft Host Integration Server 2006. For more information,
see the subsection, Affected and Non-Affected Software, in this section.
DETAILS
Affected Software:
*
<http://www.microsoft.com/downloads/details.aspx?familyid=11CCA58B-59A4-4E93-9EB1-19B07C290A10> Microsoft Host Integration Server 2000 Service Pack 2 (Server) - Remote Code Execution - Critical - None
*
<http://www.microsoft.com/downloads/details.aspx?familyid=41B49291-1231-4E23-AEF7-818207453D56> Microsoft Host Integration Server 2000 Administrator Client - Remote Code Execution - Critical - None
*
<http://www.microsoft.com/downloads/details.aspx?familyid=9CA255ED-9334-4848-AF94-49EF3078CDC0> Microsoft Host Integration Server 2004 (Server) - Remote Code Execution - Critical - None
*
<http://www.microsoft.com/downloads/details.aspx?familyid=ECA756A1-CA56-4481-B23C-53C159A4E08C> Microsoft Host Integration Server 2004 Service Pack 1 (Server) - Remote Code Execution - Critical - None
*
<http://www.microsoft.com/downloads/details.aspx?familyid=92CB54E7-F4FF-40A4-99CB-6257C4D8D4CD> Microsoft Host Integration Server 2004 (Client) - Remote Code Execution - Critical - None
*
<http://www.microsoft.com/downloads/details.aspx?familyid=D776515C-09AA-4A04-876D-606BFC26A006> Microsoft Host Integration Server 2004 Service Pack 1 (Client) - Remote Code Execution - Critical - None
*
<http://www.microsoft.com/downloads/details.aspx?familyid=1AE79DA3-EC17-4D4B-8011-D777A237AC93> Microsoft Host Integration Server 2006 for 32-bit systems - Remote Code Execution - Critical - None
*
<http://www.microsoft.com/downloads/details.aspx?familyid=05DA4540-4976-458A-A612-7385D78695A2> Microsoft Host Integration Server 2006 for x64-based systems - Remote Code Execution - Critical - None
HIS Command Execution Vulnerability - CVE- 2008-3466
A remote code execution vulnerability exists in the SNA Remote Procedure
Call (RPC) service for Host Integration Server. An attacker could exploit
the vulnerability by constructing a specially crafted RPC request. The
vulnerability could allow remote code execution. An attacker who
successfully exploited this vulnerability could take complete control of
an affected system.
CVE Information:
<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3466>
CVE-2008-3466
Mitigating Factors for HIS Command Execution Vulnerability - CVE-
2008-3466
Mitigation refers to a setting, common configuration, or general
best-practice, existing in a default state, that could reduce the severity
of exploitation of a vulnerability. The following mitigating factors may
be helpful in your situation:
* An attacker who successfully exploited this vulnerability could gain
the same user rights as the SNA service account as specified during the
install of Host Integration Server. Customers who follow best practices
and configure the SNA RPC service account to have fewer user rights on the
system could be less impacted than customers who configure the SNA service
account to have administrative user rights.
* For systems with Microsoft Host Integration Server 2000 Administrator
Client or the Microsoft Host Integration Server 2004 Client, the default
installation does not create or start the SNA Remote Procedure Call (RPC)
service where the vulnerability exists. However; the files are installed
by default and can be started therefore we highly recommend that customers
apply the update if they have a vulnerable version of the product.
ADDITIONAL INFORMATION
The information has been provided by iDefense.
The original article can be found at:
<http://www.microsoft.com/technet/security/Bulletin/MS08-059.mspx>
http://www.microsoft.com/technet/security/Bulletin/MS08-059.mspx
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@xxxxxxxxxxxxxx
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@xxxxxxxxxxxxxx
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Prev by Date: [NEWS] Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow
- Next by Date: [NT] Microsoft Visual Basic for Applications Multiple Vulnerabilities (MS08-057)
- Previous by thread: [NEWS] Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow
- Next by thread: [NT] Microsoft Visual Basic for Applications Multiple Vulnerabilities (MS08-057)
- Index(es):
Relevant Pages
|
