Sunday, April 15, 2007

Microsoft DNS Exploits Begin to Appear

Posted on several security mailing lists late last night (April 14th):

This module has been added to the development version of Metasploit 3; it will be merged to 3.0-stable once 2003 support has been completed.

http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/dcerpc/msdns_zonename.rb

"This module exploits a stack overflow in the RPC interface of the Microsoft DNS service. The vulnerability is triggered when a long zone name parameter is supplied that contains backslash characters."

--------------------------------------------

Microsoft has not released a timetable for a patch, so applying workarounds on affected servers running DNS is highly recommended.

This does not affect DNS clients, like Windows 2000 Professional or XP.

Devcode released a DNS exploit PoC today on the FD security list, and Andres Tarasco released a full source-code exploit and analysis.
