Microsoft Windows Server 2003 R2 IIS 6.0 Remote Code Execution Technical Analysis and Solution

On March 37, Zhiniang Peng and Chen Wu disclosed the Internet Information Services (IIS) 6.0 WebDAV remote code execution vulnerability, which has been assigned CVE-2017-7269 and CNNVD-201703-1151. This vulnerability, which could cause buffer overflows, is associated with the ScStoragePathFromUrl function in the WebDAV service in IIS 6.0 in Microsoft Windows Server 2003 R2.

Dahua Cameras Unauthorized Access Vulnerability Technical Analysis and Solution

Recently, Dahua Technology, a well-known security camera and digital video recorder (DVR) vendor in China, released firmware updates to address a serious security issue in certain products. Before the vendor made an official statement on this issue, however, a security researcher named Bashis said that this vulnerability seemed to be a backdoor intentionally left by the vendor and so made his findings public without notifying Dahua in advance.

German Internet Outage on November 27 Technical Analysis and Solution

On November 27 (Sunday), at around 17:00 (local time), Deutsche Telekom was hit by a cyberattack, resulting in more than 900,000 routers getting disconnected, as confirmed by the company. The outage lasted several hours. Later, the problems continued on Monday morning from 08:00. Besides network access, the affected routers are used by Deutsche Telekom customers for fixed telephony and TV services.

Nginx Local Privilege Escalation Vulnerability Technical Analysis and Solution

On November 15, 2016 (local time), legalhackers.com released an advisory about a privilege escalation vulnerability, assigned CVE-2016-1247, found in the Nginx server. Nginx web server packaging on Debian-based distributions, such as Debian or Ubuntu, was found to allow creating log directories with insecure permissions.

Linux Kernel Local Privilege Escalation Vulnerability Technical Analysis and Solution

The memory subsystem of the Linux kernel contains a race condition in the way of handling the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could exploit this vulnerability to gain write access to otherwise read-only memory mappings, thus escalating his or her privileges on the system.

MySQL Remote Code Execution/Privilege Escalation Vulnerability Technical Analysis and Solution

On September 12, 2016, legalhackers.com released a security advisory concerning a 0-day vulnerability that is assigned CVE-2016-6662. This vulnerability allows attackers to remotely inject malicious settings into a MySQL configuration file (my.cnf), leading to critical consequences. It affects MySQL servers in default configuration in all version branches (5.7, 5.6, and 5.5), including the latest versions. MySQL clones like MariaDB and PerconaDB are also affected.