Great Reviews!Need help setting up your website, installing Apache, PHP, MySQL, or PhpNuke?Need help customizing or designing scripts?Please contact me via the Contact Us option for further details and pricing.
DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in an RPC interface of the DNS service used for remote management of the service. This can be exploited to cause a stack-based buffer overflow via a specially crafted RPC request. Successful exploitation allows execution of arbitrary code with SYSTEM privileges.
OPERATING SYSTEM:
Microsoft Windows Storage Server 2003 - http://secunia.com/product/12399/
Microsoft Windows Server 2003 Web Edition - http://secunia.com/product/1176/
Microsoft Windows Server 2003 Standard Edition - http://secunia.com/product/1173/
Microsoft Windows Server 2003 Enterprise Edition - http://secunia.com/product/1174/
Microsoft Windows Server 2003 Datacenter Edition - http://secunia.com/product/1175/
Microsoft Windows 2000 Server - http://secunia.com/product/20/
Microsoft Windows 2000 Datacenter Server - http://secunia.com/product/1177/
Microsoft Windows 2000 Advanced Server - http://secunia.com/product/21/
NOTE: According to Microsoft, this is already being actively exploited on a limited scale.
SOLUTION: The vendor recommends disabling the remote management over RPC capability for DNS servers.
PROVIDED AND/OR DISCOVERED BY: Discovered as a 0-day.
ORIGINAL ADVISORY:
Microsoft:
http://www.microsoft.com/technet/security/advisory/935964.mspx
http://blogs.technet.com/msrc/archive/2007/04/12/microsoft-security-advisory-935964-posted.aspx
Posted on Saturday, April 14, 2007 @ 12:07:53 EDT by Raven
![[Valid RSS]](http://ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
