From today’s SANS NewsBites Vol. 9 Num. 31

WORMS, ACTIVE EXPLOITS, VULNERABILITIES & PATCHES
--Microsoft Investigating Reports of Attacks Exploiting DNS Flaw
(April 13 & 16, 2007)
Microsoft is investigating reports that attackers are actively
exploiting a buffer overflow flaw in the DNS service for Windows Server
operating systems. Affected software includes Widows 2000 Server
Service Pack 4 (SP 4) and Windows Server 2003 SP 1 and SP 2. "A
stack-based buffer overrun in the DNS Server's remote procedure call
(RPC) interface" could allow remote code execution "in the security
context of the DNS, which by default runs full privileges."
Internet Storm Center:
http://isc.sans.org/diary.html?storyid=2637
http://isc.sans.org/diary.html?storyid=2627
http://isc.sans.org/diary.html?storyid=2633
http://www.theregister.co.uk/2007/04/13/windows_dns_flaw/print.html
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9016461&source=rss_topic17
http://news.com.com/2061-10789_3-6176593.html?part=rss&tag=2547-1_3-0-20&subj=news
http://www.us-cert.gov/cas/techalerts/TA07-103A.html
http://www.microsoft.com/technet/security/advisory/935964.mspx


Doc

HI Doc, Last week or so I received two "stack overflow on line 140" messages that I can't ever remember receiving that message before, and I'm not too sure about the line number but that's the number that popped into my head.I beleive I was on the ebay site at the time and thought maybe I had run low on memory. Since I'm not computer savvy that message was an enigma to me so I dumped any temporary files that I had and shut down the machine. I havn't received that message since that time.