Windows 2000 flaw exposed by former hacker

A Venezuelan security consultant has released a small program designed to compromise Microsoft Internet Information Service servers that haven't had a recent security hole patched.

Monday's public release of the program's source code - known in security parlance as an exploit - will allow less technically knowledgeable system administrators to test for the existence of the vulnerability or allow less skillful miscreants to attack servers.

"I released (the code) to enlighten the public and to promote system security for administrators unfamiliar with these exploits," said Rafael Nunez, information security consultant for Scientech de Venezuela and a former hacker who used the handle "RaFa."

The release of the code on two security lists - BugTraq and VulnWatch - is the latest twist in the story of the Windows 2000 flaw that Microsoft announced a week ago.

The flaw, which Microsoft said could be exploited through the World Wide Web Distributed Authoring and Versioning (WebDAV) component of Internet Information Service (IIS) 5.0, allows an attacker to take control of the server. The flaw was discovered March 12 by the US military after a public web server was compromised by the vulnerability.

Microsoft declined to comment on the issue, except to say that customers should patch their systems. Nunez also stressed that system administrators need to patch their systems before a virus writer uses the vulnerability as a vector for a computer worm.

"This exploit is very serious," Nunez said. "Any unpatched system can allow a remote intruder to obtain full administrator privileges. This exploit can be used by some malicious programmers to write worms that can automate website defacements and other malevolent operations."

Nunez said that he got the code from other hackers on the internet and cleaned it up before sending it to the two security lists to be published.

Robert Lemos writes for News.com