What is CVE-2008-3466?

CVE-2008-3466 is a vulnerability in N/a. Published 2008-10-15.

Is CVE-2008-3466 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-3466

Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using o…

EPSS: 0.847 (99.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

ADV-2008-2810 (vdb-entry, x_refsource_VUPEN)
20081014 Microsoft Host Integration Server 2006 Command Execution Vulnerability (x_refsource_IDEFENSE, third-party-advisory)
31620 (vdb-entry, x_refsource_BID)
SSRT080143 (x_refsource_HP, vendor-advisory)
32233 (x_refsource_SECUNIA, third-party-advisory)
MS08-059 (x_refsource_MS, vendor-advisory)
TA08-288A (x_refsource_CERT, third-party-advisory)
1021043 (vdb-entry, x_refsource_SECTRACK)
oval:org.mitre.oval:def:6075 (x_refsource_OVAL, signature, vdb-entry)

Frequently asked questions

What is CVE-2008-3466?: CVE-2008-3466 is a vulnerability in N/a. Published 2008-10-15.
Is CVE-2008-3466 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.