Windows DNS RPC Interface (MS07-029) Vulnerability (CVE-2007-1748) Scanner

Stay Up To Date
Asset Type


Need Membership


Asset Verify


API Support


Estimate Time (Second)


Windows DNS RPC Interface (MS07-029) Vulnerability (CVE-2007-1748) Scanner Detail

Detects Microsoft Windows systems with Dns Server RPC vulnerable to MS07-029.

MS07-029 targets the R_DnssrvQuery() and R_DnssrvQuery2() RPC method which isa part of DNS Server RPC interface that serves as a RPC service for configuring and getting information from the DNS Server service. DNS Server RPC service can be accessed using "\dnsserver" SMB named pipe. The vulnerability is triggered when a long string is send as the "zone" parameter which causes the buffer overflow which crashes the service.

This check was previously part of smb-check-vulns.

Some Advice for Common Problems

The DNS Server Service may not be enabled by default in certain server role configurations. On Domain Controller with DNS Server Functionality, DNS Server, and Microsoft Small Business Server configurations the DNS Server Service is enabled by default.

The update removes the vulnerability by modifying the way that RPC validates the length of a message before it passes the message to the allocated buffer.

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service