Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution

A recently detected flaw in the Microsoft DNS (Domain Name Services) Server’s RPC (Remote Procedure Call) management server might allow a remote attacker to execute arbitrary code.

The folks at MSRC updated their data and indicated that when a Windows DNS server is not properly protected (firewalling, ip-filtering) it can be exploited by sending malicious packets to the RPC ports (tcp/135, tcp/445, tcp/>1024).

The Metasploit framework already has a plugin to test vulnerable servers.

One thought on “Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution

Leave a Reply

Your email address will not be published. Required fields are marked *