MDAC Remote Data Service Vulnerability

HIGH (10.0) No Patch (9648 days)

Threat Intelligence

⚠️ CRITICAL GAP - Exploits exist but no detection available
EPSS Score: 79.30% chance of exploitation (percentile: 99%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: Exploit-DB

What is it?

The MDAC Remote Data Service (RDS) is a component of the Microsoft Data Access Components (MDAC), which was used in IIS 3.x and 4.x web servers. This vulnerability allows remote attackers to execute arbitrary commands, posing a significant risk to system security.

Am I affected?

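You're affected if you use MDAC version 2.8 or earlier on IIS 3.x or 4.x. To check for the presence of this component, search the server's system drive from a Windows command prompt (IIS runs on Windows, and the RDS server component is msadcs.dll):

dir /s /b C:\msadcs.dll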

Note: This vulnerability affects only MDAC 2.8 and earlier; later versions are not affected.

Affected Products

Microsoft / MDAC

How to fix

To fix this vulnerability, upgrade to a newer version of MDAC that doesn't expose the unsafe RDS methods. You can download the latest version from Microsoft's official website:

  • Windows Server 2003 Service Pack 1: https://support.microsoft.com/en-us/help/2633927/windows-server-2003-service-pack-1
  • Windows Server 2003 R2: https://support.microsoft.com/en-us/help/2654755/windows-server-2003-r2

Alternatively, you can apply the following immediate mitigations:

  • Disable the MDAC Remote Data Service by setting the "RDS" service to manual start in the Windows Services console.
  • Use a web application firewall (WAF) or intrusion detection system (IDS) to monitor and block suspicious traffic.
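
For the monitoring mitigation above, a detection pass over IIS logs, added here as an example and not part of the original advisory: it scans W3C Extended log text for requests under /msadc/, the virtual directory where IIS publishes RDS by default (an assumption; the advisory names no path). The sample log lines and the names find_rds_requests, normalize and RDS_PREFIX are constructed for illustration.

```python
from urllib.parse import unquote

# Assumption: RDS is published under IIS's default /msadc/ virtual directory.
RDS_PREFIX = "/msadc/"

# Constructed sample log in W3C Extended format; not real traffic.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Server 4.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status
1999-07-20 10:01:02 192.0.2.10 GET /default.htm 200
1999-07-20 10:01:05 192.0.2.77 GET /msadc/msadcs.dll 200
1999-07-20 10:01:06 192.0.2.77 POST /MSADC/msadcs.dll 200
1999-07-20 10:01:09 192.0.2.78 GET /%6Dsadc/msadcs.dll 404
#Fields: time c-ip cs-uri-stem sc-status cs-method
10:02:00 192.0.2.10 /images/logo.gif 200 GET
10:02:03 192.0.2.79 /msadc/msadcs.dll 200 POST
"""


def normalize(stem):
    """Percent-decode, unify slashes and lowercase (IIS paths ignore case)."""
    return unquote(stem).replace("\\", "/").lower()


def find_rds_requests(log_text):
    """Return one dict per logged request whose URI stem is under RDS_PREFIX."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column layout can change mid-file
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue  # skip directives, blanks and rows with unknown layout
        row = dict(zip(fields, line.split()))
        stem = row.get("cs-uri-stem", "")
        if normalize(stem).startswith(RDS_PREFIX):
            hits.append({"client": row.get("c-ip", "-"),
                         "method": row.get("cs-method", "-"),
                         "stem": stem,
                         "status": row.get("sc-status", "-")})
    return hits


if __name__ == "__main__":
    for hit in find_rds_requests(SAMPLE_LOG):
        print(hit)
```

On a server that has no legitimate RDS clients, any hit is worth reviewing, and a 200 status shows the endpoint is still reachable.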