Version(s): Windows 2000 Server SP4, Windows Server 2003 SP1, and Windows 2003 SP2 |
Description: A vulnerability was reported in the Windows DNS service RPC interface. A remote user can execute arbitrary code on the target system. A remote user can send a specially crafted RPC packet to the RPC interface of the DNS server to trigger a stack overflow and execute arbitrary code on the target system. The code will run with the privileges of the target DNS service, which runs with Local System privileges by default. A remote authenticated user can also exploit this vulnerability via TCP/UDP port 445. The name resolution function running on port 53 is not affected. The vulnerable code resides on Windows server systems, not client systems. Windows 2000 Professional SP4, Windows XP SP2, and Windows Vista are not affected. This vulnerability is being actively exploited in limited situations. Carnegie Mellon reported this vulnerability to Microsoft. |
Impact: A remote user can execute arbitrary code on the target system. |
Solution: No solution was available at the time of this entry. Microsoft is working on a fix. The Microsoft advisory is available at: http://www.microsoft.com/technet/security/advisory/935964.mspx |
Vendor URL: www.microsoft.com/technet/security/advisory/935964.mspx (Links to External Site) |
Cause: Boundary error |
Underlying OS: Windows (2000), Windows (2003) |