Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the Linux Kernel.
A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings.
Impact
- An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system and gain root access instantly.
- This flaw allows an attacker with a local system account to modify on-disk binaries, bypassing the standard permission mechanisms that would prevent modification without an appropriate permission set.
It’s highly recommended to patch the system kernel in all Debian, Ubuntu, CentOS and RHEL distros to prevent system breakage.
Are you running a vulnerable version?
If you are not a customer subscribed under our Server Management plan and would like to have this vulnerability patched please purchase a 1x Hour of Support plan.
Don’t hesitate to contact us for any questions you may have through our Contact Form page or LiveChat!
We have been getting number of attack reports from clients with Wordpress installs and further investigating we found a global attacks on wordpress.
Right now there is a very severe and global attack on all Wordpress sites on the Internet and almost all hosting providers are affected. The attack is a brute-force attack which is global and highly distributed, This attack is well organized and again very, very distributed; we have seen high number of spoofed IP addresses involved in this attack. As the IP’s are spoofed, blocking the IP’s does not help much.
If you need any asisstance in blocking this attacks please submit a 1x Hour of Support plan and we will help you right after!
Don’t hesitate to contact us if you have any questions or need further assistance.
MariaDB versus MySQL - Compatibility
MariaDB is a binary drop in replacement for MySQL
For all practical purposes, MariaDB is a binary drop in replacement of the same MySQL version (for example MySQL 5.1 -> MariaDB 5.1, MariaDB 5.2 & MariaDB 5.3 are compatible. MySQL 5.5 will be compatible with MariaDB 5.5). What this means is that:
Data and table definition files (.frm) files are binary compatible.
All client APIs, protocols and structs are identical.
All filenames, binaries, paths, ports, sockets, and etc… should be the same.
All MySQL connectors (PHP, Perl, Python, Java, .NET, MyODBC, Ruby, MySQL C connector etc) work unchanged with MariaDB.
There are some installation issues with PHP5 that you should be aware of (a bug in how the old PHP5 client checks library compatibility).
The mysql-client package also works with MariaDB server.
The shared client library is binary compatible with MySQL’s client library.
This means that for most cases, you can just uninstall MySQL and install MariaDB and you are good to go. (No need to convert any datafiles if you use same main version, like 5.1).
Reference : https://kb.askmonty.org/
Restoring a User’s Database Access For WHM version 11.36
If a database user loses access to databases, you may be able to restore the user’s grants to the database using the restoregrants utility.
Using Restoregrants to Restore the User’s Database Access
Execute one of the following commands from the command line:
/usr/local/cpanel/bin/restoregrants –cpuser=$cpuser –db={mysql, pg} –dbuser=$dbuser
or
/usr/local/cpanel/bin/restoregrants –cpuser=$cpuser –db={mysql, pg} –all
$cpuser The cPanel username which has lost access to databases.
{mysql, pg} The type of database: mysql for MySQL or pg for PostgreSQL.
$dbuser The database user whose privileges you wish to restore.
ERROR 2006: MySQL Server has gone away
When trying to load a large SQL dump, I get ERROR 2006: MySQL Server has gone away.
Version 5.0: http://dev.mysql.com/doc/refman/5.0/en/gone-away.html
Version 5.5: http://dev.mysql.com/doc/refman/5.5/en/gone-away.html
Most likely, you will need to restart mysqld with the -O max_allowed_packet=# option.
A communication packet is a single SQL statement sent to the MySQL server, a single row that is sent to the client, or a binary log event sent from a master replication server to a slave.
The largest possible packet that can be transmitted to or from a MySQL 5.1 server or client is 1GB.