
CVE-2016-5195 - 'Dirty Cow' Linux vulnerability

I take it Sophos UTMs are exposed to this vulnerability and Sophos is releasing a patch for all models affected soon?



  • Hi Simon,

    Reading more on that CVE tells me it only applies if someone, malicious or otherwise, has already gained access to the shell of the UTM via loginuser (if they got to root first, you're stuffed anyway). Considering the SSH will only be exposed through administrative or test interaction and should (in best practice) be severely restricted, this has very limited impact with the UTM. Unlike a Linux webserver, virtual host or user device wherein there would be general interaction from multiple third parties.

    However it is a legitimate concern, hopefully there is a patch in the pipeline :)

    Emile

  •  is correct in his statement. Thanks!

    Sophos UTM is affected by the DirtyCow CVE-2016-5195. However, it requires you to have a successful shell login to exploit. Once logged in, there's nothing left to exploit. We recommend always using a strong password and minimizing shell access to just the networks you trust. Sophos will be patching it in a future update.