Windows DCE-RPC MIBEntryGet vulnerability (ErraticGopher)

2017-04-28T00:00:00
ID SAINT:FA1372CDAD5608289174EE2F1E82EC66
Type saint
Reporter SAINT Corporation
Modified 2017-04-28T00:00:00

Description

Added: 04/28/2017

Background

Distributed Computing Environment - Remote Procedure Call (DCE-RPC) is the protocol used by Windows operating systems for calling program functions on remote targets.

Problem

A memory corruption vulnerability in the DCE-RPC **MIBEntryGet** call could allow remote attackers to execute arbitrary commands with SYSTEM privileges.

Resolution

Update to the latest patch level available for the target's operating system.

References

<https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/>

Limitations

The exploit works on unpatched versions of Windows Server 2003 SP2 and requires the Routing and Remote Access service to be enabled.

Platforms

Windows XP
Windows Server 2003