CVE-2008-3466

Microsoft HIS <2006 - Auth Bypass

Title source: llm

Description

Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability."

Exploits (1)

metasploit WORKING POC

by MC · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/ms/ms08_059_his2006.rb

View Code ZIP pw:eip

References (9)

[Mailing List] http://marc.info/?l=bugtraq&m=122479227205998&w=2

[Patch, Vendor Advisory] http://secunia.com/advisories/32233

[Exploit, Patch] http://www.securityfocus.com/bid/31620

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA08-288A.html

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-059

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6075

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1021043

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/2810

[Third Party Advisory] http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=745

Scores

EPSS 0.8472

EPSS Percentile 99.3%

Details

CWE

CWE-287

Status published

Products (3)

microsoft/host_integration_server_2000 (2 CPE variants)

microsoft/host_integration_server_2004 (3 CPE variants)

microsoft/host_integration_server_2006 (2 CPE variants)

Published Oct 15, 2008

Tracked Since Feb 18, 2026