SeaCat Application Security Technology Is Not Impacted by the Dirty Cow Issue (CVE-2016-5195)

Tuesday, October 25, 2016

The new vulnerability, DirtyCOW, (CVE-2016-5195) exploits a flaw in private read-only memory mappings. However, this critical impact vulnerability has existed in Linux for nine years and only got discovered recently.

DirtyCOW allows applications and users to elevate user rights and gain unlimited access to the operating system. Millions of Linux installations are vulnerable including many Android phones because Android was built on Linux.

This vulnerability is caused by a breakage of read-only memory mapping in a copy-on-write (COW) process. Although DirtyCOW can only be exploited locally, the risk is very high because there are many available working exploits on the Internet.

Recommendation:

The fix for this vulnerability only makes a small change in the copy-on-write processing, and already available for all the main Linux distributions.

If you are sure that you uses only approved applications installed on the server, and no other user has access to this server, you are probably not susceptible to data loss. Otherwise, your data can be lost or stolen. Please be aware that your system log does not register a successful exploitation of the DirtyCow.

In all cases, it's extremely importantly to apply the patch. If you'd like assistance or have any question please contact support@teskalabs.com. Alternatively, look at our documentation to know more about SeaCat application security.

Reference:

  1. https://dirtycow.ninja/



You Might Be Interested in Reading These Articles

OpenSSL DROWN Vulnerability Affects Millions of HTTPS Websites and Software Supporting SSLv2 (CVE-2016-0800)

DROWN is caused by legacy OpenSSL SSLv2 protocol, known to have many deficiencies. Security experts have recommended to turn it off, but apparently many servers still support it because disabling SSLv2 requires non-default reconfiguration of the SSL cryptographic settings which is not easy for common IT people who have limited security knowledge and don’t know the location to disable this protocol and the way to disable it.

Continue reading ...

security bulletin blog

Published on April 12, 2016

TeskaLabs’ Technology SeaCat Unaffected by GNU C Library Security Vulnerability (CVE-2015-7547)

TeskaLabs, a Prague and London based startup in application security, today affirmed that their core products are not exposed to the GLibC flaw, a highly critical security vulnerability. There is now a rapidly growing number of IoT devices that use Linux as their operating system and inherently GLibC.

Continue reading ...

press bulletin blog

Published on February 17, 2016

SeaCat Technology and the Latest OpenSSL Update (1.1.0e)

We help you to operate your mobile and IoT apps securely. You may have noticed that OpenSSL released a new version on February 16, 2017. The new version fixed one high-severity issue regarding renegotiation of the Encrypt-then-MAC (EtM) extension.

Continue reading ...

bulletin

Published on February 21, 2017