11 comments

[ 4.6 ms ] story [ 53.2 ms ] thread
This has immature and false information.

Mostly, yes exploits in the wild have been detected in HTTP requests, and as the researcher assumes this exploit could have existed for a very long time.

And it's not a local privilege escalation only as the write up assumes, it was exploited remotely!

Can you show your sources? Others appear to disagree with you.
Presumably a RCE exploit is used to run this PE attack...
> Dirty COW

For a second that sounded like the group "Cult of the dead cow" and their showpiece trojan "Back Orifice", designed to popularize the insecurity of Windows 98.

(comment deleted)
I like how "Am I affected by the bug?" part checks your user agent string for "Linux" and says "yes" or "no" accordingly.

As if I wasn't reading that page from a phone while running Linux on a server. Then again, the exploit didn't work for me on unpatched 3.4.112 kernel, so it might actually be correct.

I don't think it's checking is quite right. It says 'yes' when I'm viewing the page on a Windows phone!
Bad choice of name; in English English at least, "dirty cow" is a misogynist slur.
I will second this. I agree that it's an unfortunate clash of colloquialisms between American and English English.
Wow, the t-shirt prices are outrageous. That seems like a lot of work to make a joke store.