Public exploits available
A remote code execution vulnerability exists in the Domain Name System (DNS) Server Service in all supported server versions of Windows that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
Technical details (analysis)
Remote Procedure Call (RPC) is a protocol that a program can use to request a service from a program located on another computer in a network. RPC helps with interoperability because the program using RPC does not have to understand the network protocols that are supporting communication. In RPC, the requesting program is the client and the service-providing program is the server. A stack-based buffer overrun exists in the Remote Procedure Call (RPC) Management Interface in the Windows Domain Name System (DNS) Server service. On servers running the DNS Server Service on all supported server versions of Windows, an anonymous attacker could try to exploit the vulnerability by sending a specially crafted RPC packet to an affected system. The vulnerability could allow an attacker to run code in the security context of the Domain Name System Server Service, which by default runs as Local SYSTEM.
Microsoft Windows 2000 Server Service Pack 4
Microsoft Windows Server 2003 Service Pack 1 and Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition and Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows 2000 Professional Service Pack 4
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2
Microsoft Windows Vista
Microsoft Windows Vista x64 Edition
Release Date: 2007-05-08T00:00:00
Known false positives
No known false positives at this time.
Disable the remote management over RPC capability of DNS servers through the registry key setting.
Managed Deployment Script
Disable the capacity for remote management over RP