Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows DNS Server 0-day buffer overflow
updated since 13.04.2007
Published:08.05.2007
Source:
SecurityVulns ID:7579
Type:remote
Threat Level:
8/10
Description:Buffer overflow in RPC-based interface is used for remote system compromisation.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2003 Server
CVE:CVE-2007-1748 (Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences.)
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS07-029 Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966) (08.05.2007)
 documentAndres Tarasco , [Full-disclosure] Microsoft DNS Server Remote Code execution Exploit and analysis (16.04.2007)
 documentCERT, US-CERT Technical Cyber Security Alert TA07-103A -- Microsoft Windows DNS RPC Buffer Overflow (14.04.2007)
 documentMICROSOFT, Microsoft Security Advisory (935964) Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution (13.04.2007)
Files:Microsoft DNS Server Remote Code execution Exploit
 Microsoft Security Bulletin MS07-029 Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod