Zero-day vulnerability in Windows Server

Stack-based buffer overflow

Vulnerability details

Advisory: SB2007050801 - Remote code execution in Microsoft DNS server

Vulnerable component: Windows Server

CVE-ID: CVE-2007-1748

CVSSv3 score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C

CWE-ID: CWE-119 - Memory corruption


The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing RPC requests in Microsoft Windows DNS server, which contain long zone name parameter with escaped octal strings.
A remote attacker can send a specially crafted RPC request to vulnerable DNS server, cause stack-based buffer overflow and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

Public Exploits: