TITLE:
Microsoft Host Integration Server SNA RPC Vulnerability

SECUNIA ADVISORY ID:
SA32233

VERIFY ADVISORY:
http://secunia.com/advisories/32233/

CRITICAL:
Moderately critical

IMPACT:
Security Bypass, System access

WHERE:
From local network

SOFTWARE:
Microsoft Host Integration Server 2004 (Client)
http://secunia.com/advisories/product/18382/
Microsoft Host Integration Server 2000 Administrator Client
http://secunia.com/advisories/product/20149/
Microsoft Host Integration Server 2000
http://secunia.com/advisories/product/1225/
Microsoft Host Integration Server 2006
http://secunia.com/advisories/product/18383/
Microsoft Host Integration Server 2004
http://secunia.com/advisories/product/20150/

DESCRIPTION:
A vulnerability has been reported in Microsoft Host Integration
Server, which can be exploited by malicious people to bypass certain
security restrictions.

The vulnerability is caused by an error in the SNA RPC service. This
can be exploited to bypass the authentication mechanism and access
administrative functionality via a specially crafted RPC request.

SOLUTION:
Apply patches.

Microsoft Host Integration Server 2000 SP2 (Server):
http://www.microsoft.com/downloads/details.aspx?familyid=11CCA58B-59A4-4E93-9EB1-19B07C290A10

Microsoft Host Integration Server 2000 Administrator Client:
http://www.microsoft.com/downloads/details.aspx?familyid=41B49291-1231-4E23-AEF7-818207453D56

Microsoft Host Integration Server 2004 (Server):
http://www.microsoft.com/downloads/details.aspx?familyid=9CA255ED-9334-4848-AF94-49EF3078CDC0

Microsoft Host Integration Server 2004 SP1 (Server):
http://www.microsoft.com/downloads/details.aspx?familyid=ECA756A1-CA56-4481-B23C-53C159A4E08C

Microsoft Host Integration Server 2004 (Client):
http://www.microsoft.com/downloads/details.aspx?familyid=92CB54E7-F4FF-40A4-99CB-6257C4D8D4CD

Microsoft Host Integration Server 2004 SP1 (Client):
http://www.microsoft.com/downloads/details.aspx?familyid=D776515C-09AA-4A04-876D-606BFC26A006

Microsoft Host Integration Server 2006 for 32-bit systems:
http://www.microsoft.com/downloads/details.aspx?familyid=1AE79DA3-EC17-4D4B-8011-D777A237AC93

Microsoft Host Integration Server 2006 for x64-based systems:
http://www.microsoft.com/downloads/details.aspx?familyid=05DA4540-4976-458A-A612-7385D78695A2

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Stephen Fewer, Harmony Security via iDefense VCP.

ORIGINAL ADVISORY:
MS08-059 (KB956695):
http://www.microsoft.com/technet/security/Bulletin/MS08-059.mspx