No you read that right. DirtyCow – or copy-on-write for those inclined – is the latest hidden vulnerability to hit unprotected servers and in some cases Linux driven smartphones.
What is DirtyCow?
DirtyCow, or officially called CVE–2016–5195, has actually been in existence for 9 years. It actively allows attackers to target permissions to allow for privilege escalation in the Linux Kernel. Ultimately handing over control to the attacker.
Phil Oester was able to detect this as it was used in an attempt to take over a server that he was running.
Although not as bad as previous exploits (Heartbleed, OpenSSL) security experts do say that if you have a patch available to update it anyway. Even though this is less likely to be exploited, Dirty Cow should still be taken seriously because there is evidence of abuse. Although, as its not your standard update to Linux packages, updating the Kernel does require a server reboot.
Here at Tickbox, and working with our hosting partners Rackspace, we actively seek to make sure our servers remain up to date, to control critical issues that can plague unprotected web servers. Our servers were patched, cleaned and back up and running within a blink of an eye!
If you have concerns about your hosting environment and/or need an agency to aid with any issues like this, please do contact us on 0117 325 0091 or email us firstname.lastname@example.org - and we will be more than happy to help. We will be able to cater for any needs be it web hosting or Service Level Agreements (SLA’s).