A newly discovered DNS flaw in the Windows 2000 Server and Windows Server 2003 has internet security watchers on the look out. It seems that a new exploit, utilizing Active Directory and DNS, has been discovered.
The SANS Internet Storm Center then passed the information on to Microsoft, which last week confirmed that a new buffer overflow flaw has been found in its DNS Server Service implementation in Windows 2000 Server service pack 4 and Windows Server 2003 SP1 and SP2.
According to Microsoft Security Advisory (935964), the flaw can be exploited remotely by sending a malformed Remote Procedure Call (RPC) packet to a vulnerable computer. Microsoft it is working on a patch for the flaw, but would not commit to delivering an out-of-cycle patch. Its next regularly scheduled round of patches is about three weeks away, on May 8.
Malicious code quickly found its way onto the internet. W32.Rinbot.BC, was the first worm to utilize the exploit. Click here! for more info.