Liquidmatrix Security Digest » Vulnerability in RPC on Windows DNS

Vulnerability in RPC on Windows DNS

Author: Dave Lewis
April 13, 2007 at 4:44 am · Filed under Vulnerability

Possible remote code execution problem.

From Microsoft:

Microsoft is investigating new public reports of a limited attack exploiting a vulnerability in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. Microsoft Windows 2000 Professional Service Pack 4, Windows XP Service Pack 2, and Windows Vista are not affected as these versions do not contain the vulnerable code.

Microsoft’s initial investigation reveals that the attempts to exploit this vulnerability could allow an attacker to run code in the security context of the Domain Name System Server Service, which by default runs as Local SYSTEM.

Article Link

Tags: Microsoft DNS, RPC Vulnerabilty, Remote Code Execution

Tag It:

Related Articles:

Windows DNS Cache Poisoning (MS07-062)

Patch Tuesday Approaches

Vulnerability in Citrix Presentation Server

Hoff: DNS Debacle In Poetic Review

Liquidmatrix DNS Issues

Permalink

Liquidmatrix Security Digest » Patch Tuesday Approaches said,

May 3, 2007 @ 8:34 pm

[...] that time again. In this upcoming patch release from Microsoft we find a fix for the DNS issue. As well as the patches there will be a nonsecurity update for various windows updating services [...]

RSS feed for comments on this post · TrackBack URI

Packetstorm Tools