Roy Schestowitz wrote:
> Cybercrooks exploiting new Windows DNS flaw
>
> ,----[ Quote ]
> | Cybercrooks are using a yet-to-be-patched security flaw in certain
> | Windows versions to attack computers running the operating systems,
> | Microsoft warned late Thursday.
> `----
>
> http://news.zdnet.com/2100-1009_22-6175743.html
>
> Microsoft has known about this problem for quite some time. How about
> patching it? Well, that would spoil their patch count, which they so
> proudly rave about. Better just sweep this serious flaw under the carpet
> (until it's too late and damage is already being done)...
http://secunia.com/advisories/24871/
| Secunia Advisory: SA24871
| Release Date: 2007-04-13
|
| Critical: Highly critical
| Impact: System access
| Where: From local network
| Solution Status: Vendor Workaround
|
| OS: Microsoft Windows 2000 Advanced Server
| Microsoft Windows 2000 Datacenter Server
| Microsoft Windows 2000 Server
| Microsoft Windows Server 2003 Datacenter Edition
| Microsoft Windows Server 2003 Enterprise Edition
| Microsoft Windows Server 2003 Standard Edition
| Microsoft Windows Server 2003 Web Edition
| Microsoft Windows Storage Server 2003
|
| CVE reference: CVE-2007-1748 (Secunia mirror)
|
| Description:
| A vulnerability has been reported in Microsoft Windows, which can be
| exploited by malicious people to compromise a vulnerable system.
|
| The vulnerability is caused due to a boundary error in an RPC
| interface of the DNS service used for remote management of the
| service. This can be exploited to cause a stack-based buffer overflow
| via a specially crafted RPC request.
|
| Successful exploitation allows execution of arbitrary code with SYSTEM
| privileges.
|
| NOTE: According to Microsoft, this is already being actively exploited
| on a limited scale.
|
| Solution:
| The vendor recommends disabling the remote management over RPC
| capability for DNS servers.
|
|
