Spectracom - Essential Ingenuity

Dirty COW Vulnerability

Question

Are Spectracom products vulnerable to CVE-2016-5195 “Dirty COW”?

Answer

Spectracom products are only susceptible if an attacker can successfully log in to the product through SSH/Telnet. The attacker would then be able to exploit the vulnerability, which would allow them to gain root access to the device.

Products Affected

  • SecureSync
  • NetClock
  • VelaSync
  • VersaSync

Description of the Vulnerability

The Dirty COW vulnerability has been present in Linux kernels for roughly the past nine years.

This vulnerability can be exploited by attackers who have gained shell access to a Linux device. Once an attacker has shell access, they can escalate their privileges to gain root access on the device.

Risk Analysis and Recommendation

Spectracom products utilize a variety of authentication mechanisms to keep unauthorized users from gaining access to the network time server products. Spectracom recommends using username and password best practices on all accounts. These best practices include ensuring default passwords are changed and configuring password rules/aging on the device. Additional centralized authentication mechanisms, such as LDAP and/or RADIUS, can be utilized as well.

If username and password best practices are used, this will mitigate the risk of an external attacker exploiting the Dirty COW vulnerability.

A fix for this vulnerability was implemented in June 2017 with the 5.7.0 software release, as part of a Linux kernel update.
