Gravité: : Élevé
  Identifiant(s) CVE: : CVE-2011-2007,CVE-2011-2008
  Date du conseil: 13 octobre 2011

  Description

This security update resolves two publicly disclosed vulnerabilities in Host Integration Server. The vulnerabilities could allow denial of service if a remote attacker sends specially crafted network packets to a Host Integration Server listening on UDP port 1478 or TCP ports 1477 and 1478.

  Information Exposure Rating:


  Solutions

  Patch: : http://technet.microsoft.com/en-us/security/bulletin/ms11-082

  Trend Micro Deep Security DPI Rule Number: 1004820
  Trend Micro Deep Security DPI Rule Name: Endless Loop DoS In snabase.exe Vulnerability (CVE-2011-2007)

  Affected software and version:

  • Microsoft Host Integration Server 2004 Service Pack 1
  • Microsoft Host Integration Server 2006 Service Pack 1
  • Microsoft Host Integration Server 2009
  • Microsoft Host Integration Server 2010