MS Advisory 935964 : DNS server vulnerability

Roger Abell · Apr 13, 2007

(x-post includes AD NGs as DNS often resides there)

Microsoft Security Advisory (935964)
Vulnerability in RPC on Windows DNS Server Could Allow Remote Code
Execution.

see:
http://www.microsoft.com/technet/security/advisory/935964.mspx

for workaround info on disabling Rmt Mgmt over RCP if the DNS
server exposes more than tcp/udp 53 to untrusted networks.

jwgoerlich · Apr 13, 2007

Interesting. I did not know that remote management RPC could be
disabled on a per-service basis. Roger, do you happen to know of any
other services that could be turned off in this way?

J Wolfgang Goerlich

Roger Abell [MVP] · Apr 13, 2007

Interesting. I did not know that remote management RPC could be
disabled on a per-service basis. Roger, do you happen to know of any
other services that could be turned off in this way?

The existence of that reg entry was a surprise to me, as would be
other places where a similar currently unsurface reg entry exists.
I am glad to see my dyslexic munge of RPC didn't throw you off :-)

MS Advisory 935964 : DNS server vulnerability

Roger Abell

jwgoerlich

Roger Abell [MVP]