Is dirtycow unharmful without shell access?

Question

Let's say have a linux server to which only I have shell access and all other users shells are disabled. Is there any reason to be preoccupied?

score 6 · Accepted Answer · answered Oct 26 '16 at 16:49

6

Dirty cow does not need shell access. It only needs the ability to execute own software. This can for example also be done by using a security problem in a web application to upload and execute remote code.

answered Oct 26 '16 at 16:49

Steffen Ullrich

184,332
29
363
424

score 0 · Answer 2 · answered Nov 16 '17 at 20:38

0

A more complete answer in my opinion:

You could execute dirtycow exploit if you have:

shell access; RCE in web server or anything else; a social engineered customer support; etc

You should fully understand or at least partially understand how the exploit works to understand it's possibilities of being executed. Read up on it at: github.com/dirtycow/

Multiple versions of it hosted on that account.

answered Nov 16 '17 at 20:38

School Student

1

I'm not sure how this is more complete. All you have added to the other answer was "a social engineered customer support, etc." – schroeder Nov 16 '17 at 22:02

Is dirtycow unharmful without shell access?

2 Answers2