Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

T-002: Vulnerability in Host INtegration Server RPC Service

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) T-002: Vulnerability in Host INtegration Server RPC Service
# 1  
Old 11-13-2008
T-002: Vulnerability in Host INtegration Server RPC Service
A remote code execution vulnerability exists in the SNA Remote Procedure Call (RPC) service for Host Integration Server. An attacker could exploit the vulnerability by constructing a specially crafted RPC request. The risk is HIGH. The vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

3 More Discussions You Might Find Interesting

1. Solaris

RPC bind service in maintenance mode

Hi, I have an issue with RPC bind service and its failing with status 1. any help would be much appreciated. THanks (2 Replies)
Discussion started by: Yakub Humami
2 Replies

2. Solaris

NFS write failed for server.....error 11 (RPC: Server can't decode arguments)

Hello! I have a Linux nfs server (called server100 below) with a export nfs. My problem is that the Solaris client (called client100 below) doesn't seems to like it. In the Solaris syslog I got following messages (and after a while the solaris client behave liked its hanged/to buzy). Also see... (3 Replies)
Discussion started by: sap4ever
3 Replies

3. UNIX for Dummies Questions & Answers

RPC service

Hi All, How can I add RPC service in SCO 5.0.7. I did not find in the sco cd please help me Alice (0 Replies)
Discussion started by: alisevA3
0 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

json::rpc::server::daemon

JSON::RPC::Server::Daemon(3pm)				User Contributed Perl Documentation			    JSON::RPC::Server::Daemon(3pm)

NAME

       JSON::RPC::Server::Daemon - JSON-RPC sever for daemon

SYNOPSIS

	# Daemon version
	#--------------------------
	# In your daemon server script
	use JSON::RPC::Server::Daemon;

	JSON::RPC::Server::Daemon->new(LocalPort => 8080);
				 ->dispatch({'/jsonrpc/API' => 'MyApp'})
				 ->handle();

	#--------------------------
	# In your application class
	package MyApp;

	use base qw(JSON::RPC::Procedure); # Perl 5.6 or more than

	sub echo : Public {    # new version style. called by clients
	    # first argument is JSON::RPC::Server object.
	    return $_[1];
	}

	sub sum : Public(a:num, b:num) { # sets value into object member a, b.
	    my ($s, $obj) = @_;
	    # return a scalar value or a hashref or an arryaref.
	    return $obj->{a} + $obj->{b};
	}

	sub a_private_method : Private {
	    # ... can't be called by client
	}

	sub sum_old_style {  # old version style. taken as Public
	    my ($s, @arg) = @_;
	   return $arg[0] + $arg[1];
	}

DESCRIPTION

       This module is for http daemon servers using HTTP::Daemon or HTTP::Daemon::SSL.

METHODS

       They are inherited from the JSON::RPC::Server methods basically.  The below methods are implemented in JSON::RPC::Server::Daemon.

       new Creates new JSON::RPC::Server::Daemon object.  Arguments are passed to HTTP::Daemon or HTTP::Daemon::SSL.

       handle
	   Runs server object and returns a response.

       retrieve_json_from_post
	   retrieves a JSON request from the body in POST method.

       retrieve_json_from_get
	   In the protocol v1.1, 'GET' request method is also allowable.  it retrieves a JSON request from the query string in GET method.

       response
	   returns a response JSON data to a client.

SEE ALSO

       HTTP::Daemon,

       HTTP::Daemon::SSL,

       JSON::RPC::Server,

       JSON::RPC::Procedure,

       JSON,

       <http://json-rpc.org/wd/JSON-RPC-1-1-WD-20060807.html>,

       <http://json-rpc.org/wiki/specification>,

AUTHOR

       Makamaka Hannyaharamitu, <makamaka[at]cpan.org>

COPYRIGHT AND LICENSE

       Copyright 2007-2008 by Makamaka Hannyaharamitu

       This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

perl v5.10.1							    2008-09-01					    JSON::RPC::Server::Daemon(3pm)