Welcome to WebmasterWorld Guest from 54.242.193.41

Forum Moderators: bakedjake

Message Too Old, No Replies

Linux "Dirty Cow" Exploit: Patch Your Systems Now

     
11:27 am on Oct 21, 2016 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:26187
votes: 970


Apparently, this bug has been around for nine years, and can allow attackers root access to the OS.
There is a patch [lkml.org...]

While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild. Linux "Dirty Cow" Exploit: Patch Your Systems Now [arstechnica.com]
2:04 pm on Oct 21, 2016 (gmt 0)

Senior Member from KZ 

WebmasterWorld Senior Member lammert is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 10, 2005
posts: 2951
votes: 33


Thanks for the heads up.

Looking at the description of the vulnerability, it can be triggered by anyone who runs a specially crafted executable on the servers. Service providers allowing shell access or uploading and executing executables by third parties must patch their system immediately. Pure website servers shouldn't be exploitable, unless someone manages to upload a file through the web interface and then executes that executable through another vulnerability.
2:53 am on Oct 24, 2016 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
posts:15149
votes: 170


I'm regularly patching my systems anyway. I think most of the repos should have this one by now.