Select Page

How to fix Magento dirty cow vulnerability alert!

How to fix Magento dirty cow vulnerability alert!

Are you a website owner? Do you have Magento shopping cart in your site? Is your server running an insecure version of Linux kernel?

If the answers to these questions are ‘yes’, then you’d be noticing a ‘Dirty COW vulnerability’ alert in your Magento admin dashboard.

What is Magento dirty cow vulnerability alert?

Magento is an open source shopping cart software that accounts for 29.1% of market share now. Magento sites mostly run on Linux servers.

Since Dirty COW vulnerability is a bug in the Linux kernel, it affects all servers that run Linux OS flavors – such as RedHat, Ubuntu, CentOS, etc.

Website owners who manage the Magento cart would see this message upon login to the admin portal as the ‘admin’ user at http://magento-site.com:8096/admin/ –

'Latest Message: Dirty COW Linux OS Vulnerability – 10/25/2016 Read details'

 

Dirty COW vulnerability alert in Magento

Dirty COW vulnerability alert in Magento

Why is Magento dirty cow warning critical?

Further inspection of this alert message shows that it is a critical warning and the solution is to update the OS in your server to secure kernel version without delay.

 

Magento dirty COW vulnerability message

Magento dirty COW vulnerability message

 

Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the Linux Kernel that can allow a local user to gain root access to the server.

Exploiting a race condition that handle kernel’s memory operations, an attacker can execute malicious code and compromise the whole server.

If your website has Magento store setup for online transactions, the attackers can steal confidential information such as credit card details, once they gain root access.

As Dirty COW vulnerability allows hackers to obtain super user privilege to the server and do anything in it, this is a critical exploit that has to be fixed without delay.

To know more about the vulnerability and the OS versions that are affected, read our post on Dirty Cow vulnerability.


Get a FREE consultation

Do you spend all day answering technical support queries?

Wish you had more time to focus on your business? Let us help you.

We free up your time by taking care of your customers and servers. Our engineers monitor your servers 24/7, and support your customers over help desk, live chat and phone.

Talk to our technical support specialist today to know how we can keep your service top notch!

TALK TO AN EXPERT NOW!




Bobcares provides Outsourced Hosting Support and Outsourced Server Management for online businesses. Our services include Hosting Support Services, server support, help desk support, live chat support and phone support.

Submit a Comment

Your email address will not be published. Required fields are marked *

Bobcares
Bobcares is a server management company that helps businesses deliver uninterrupted and secure online services. Our engineers manage close to 51,500 servers that include virtualized servers, cloud infrastructure, physical server clusters, and more.
MORE ABOUT BOBCARES