Microsoft Warns of Dangerous DNS Server Flaw

Posted on April 15, 2007 by

According to information released by Microsoft a newly-discovered vulnerability in several of their server products may allow attackers to run unauthorized code on computers that are affected. Microsoft is working on a patch but no release date is scheduled.
Issue is with the DNS Server Service which looks up IP addresses and directs them to the proper domain name or website when you type it in your web browser. Windows 2000 Server SP4 and Windows Server 2003 SP1 and SP2 are affected.

The flaw can cause a stack-based buffer overrun in the DNS Server’s RPC (remote procedure call) interface. RPC is a protocol through which a program can request a service from an application on another machine on a network.

An attacker could try to exploit the problem by sending a special RPC packet to the system, which then could allow code to run in the “security context of the Domain Name System Server Service,” according to Microsoft.
There are several methods which could be used to block the attacks according to Microsoft which include disabling the RPC’s remote management capability or blocking ports 1024 to 5000 on the firewall which the RPC protocol uses and enabling advanced TCP/IP filtering.

(c) 2007 ElectroGeek.com

No related posts.

Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>