48Bits has released code for remotely exploiting vulnerable Windows 2000 machines via the RPC interface.

A little bit of background. Ten days ago ZDI published an advisory about a stack overflow in the Microsoft Windows Message Queuing Service (CVE-2007-3039). At the same time Microsoft released a patch (MS07-065) which replaces MS05-017 and fixes this issue under Windows 2000 SP4 and Windows XP SP2.

The vulnerability affects Windows XP and has been rated Moderate as it requires local exploitation. However under Windows 2000 it can be exploited remotely and has been labeled Important.

If you manage Windows 2000 machines make sure that you either:

a) apply the patch,
b) disable Microsoft Windows Message Queuing Service, or
c) block inbound traffic on ports higher than 1024 or specially configured RPC ports.