Windows DCE-RPC MIBEntryGet vulnerability (ErraticGopher)
Added: 04/28/2017Background
Distributed Computing Environment - Remote Procedure Call (DCE-RPC) is the protocol used by Windows operating systems for calling program functions on remote targets.Problem
A memory corruption vulnerability in the DCE-RPC MIBEntryGet call could allow remote attackers to execute arbitrary commands with SYSTEM privileges.Resolution
Update to the latest patch level available for the target's operating system.References
https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/Limitations
Exploit works on unpatched versions of Windows Server 2003 SP2 and requires the Routing and Remote Access service to be enabled.Platforms
Windows XPWindows Server 2003
Back to exploit index