The majority of this blog post is related to Linux, but there is also an advisory regarding IIS 6.0 on Windows Server 2003 R2.

First to Linux: A kernel issue was discovered two years ago, identified as CVE-2017-1000253* by Google researcher Michael Davidson in April 2015. It was not considered serious, and as such, a patch for this flaw had not been released until now. Why now? Qualys Research Labs have found the vulnerability can be exploited as below:

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on 14 April 2015) are vulnerable to CVE-2017-1000253, a Local Privilege Escalation.

Most notably, all versions of CentOS 7 before 1708 (released on 13 September 2017), all versions of Red Hat Enterprise Linux 7 before 7.4 (released on 1 August 2017), and all versions of CentOS 6 and Red Hat Enterprise Linux 6 are exploitable.

The full advisory from Qualys can be found here: https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt

Now on to Windows Server 2003 R2. Not much of this around? From 14 July 2015, this version is no longer receiving security updates and as such is vulnerable to any flaws found since that date. According to Grantek: https://grantek.com/windows-server-2003-still-alive-but-not-well/

There are still around 600,000 IIS 6.0 web servers on 2003 out there facing the Internet, with a vulnerability which allows cybercriminals to generate Monero cryptocoins on these vulnerable servers. The vulnerability CVE-2017-1769 was discovered by Zhiniang Peng and Chen Wu in March 2017. The only solution? Upgrade to a supported version of Windows Server, and patch frequently!

*CVE is the abbreviation for Common Vulnerabilities and Exposures.

Stay safe, Terry Griffin

DDLS Principal Technologist: Security



Feature Articles


Blog
2024-2025 Government Budget: Focusing investment in cyber security skilling
By Jeremy Daly | 1 July 2024
Blog
The Growing Importance of Management Skills and the AMA CPM Certification in 2024
By Gary Duffield | 29 July 2024
Blog
The ASD’s Essential Eight: How to Implement Cyber Security Strategies with Training
By Leif Pedersen | 14 October 2024
Blog
5 Common RPL Challenges and How to Overcome Them
By Shanil Sharma | 15 August 2024
Blog
Transforming Your Business and Workforce with Microsoft AI Training
By Leif Pedersen | 30 July 2024
Blog
Security maturity is not a technical-only problem - invest in your people
By Jeremy Daly | 11 November 2024