Microsoft Windows DNS Service Buffer Overflow Vulnerability Date: Saturday, April 14, 2007 @ 12:07:53 CDT Topic: Security SECUNIA ADVISORY ID: SA24871 VERIFY ADVISORY: http://secunia.com/advisories/24871/ CRITICAL: Highly critical IMPACT: System access WHERE: >From local network DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in an RPC interface of the DNS service used for remote management of the service. This can be exploited to cause a stack-based buffer overflow via a specially crafted RPC request. Successful exploitation allows execution of arbitrary code with SYSTEM privileges. OPERATING SYSTEM: Microsoft Windows Storage Server 2003 - http://secunia.com/product/12399/ Microsoft Windows Server 2003 Web Edition - http://secunia.com/product/1176/ Microsoft Windows Server 2003 Standard Edition - http://secunia.com/product/1173/ Microsoft Windows Server 2003 Enterprise Edition - http://secunia.com/product/1174/ Microsoft Windows Server 2003 Datacenter Edition - http://secunia.com/product/1175/ Microsoft Windows 2000 Server - http://secunia.com/product/20/ Microsoft Windows 2000 Datacenter Server - http://secunia.com/product/1177/ Microsoft Windows 2000 Advanced Server - http://secunia.com/product/21/ NOTE: According to Microsoft, this is already being actively exploited on a limited scale. SOLUTION: The vendor recommends disabling the remote management over RPC capability for DNS servers. PROVIDED AND/OR DISCOVERED BY: Discovered as a 0-day. ORIGINAL ADVISORY: Microsoft: http://www.microsoft.com/technet/security/advisory/935964.mspx http://blogs.technet.com/msrc/archive/2007/04/12/microsoft-security-advisory-935964-posted.aspx This article comes from Ravens PHP Scripts https://www.ravenphpscripts.com The URL for this story is: https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2858