Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.
{"nessus": [{"lastseen": "2023-05-18T14:22:43", "description": "Resolves: rhbz#1114810 - CVE-2014-3499 (correct bz#) Set mode,user,group in docker.socket file\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-07-14T00:00:00", "type": "nessus", "title": "Fedora 20 : docker-io-1.0.0-6.fc20 (2014-8021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3499"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:docker-io", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-8021.NASL", "href": "https://www.tenable.com/plugins/nessus/76483", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-8021.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76483);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3499\");\n script_bugtraq_id(68303);\n script_xref(name:\"FEDORA\", value:\"2014-8021\");\n\n script_name(english:\"Fedora 20 : docker-io-1.0.0-6.fc20 (2014-8021)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Resolves: rhbz#1114810 - CVE-2014-3499 (correct bz#) Set\nmode,user,group in docker.socket file\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1114810\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135378.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f8a915c2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected docker-io package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:docker-io\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"docker-io-1.0.0-6.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"docker-io\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:36", "description": "Resolves: rhbz#1114810 - CVE-2014-3499 (correct bz#) Set mode,user,group in docker.socket file\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-07-14T00:00:00", "type": "nessus", "title": "Fedora 19 : docker-io-1.0.0-6.fc19 (2014-8034)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3499"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:docker-io", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2014-8034.NASL", "href": "https://www.tenable.com/plugins/nessus/76484", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-8034.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76484);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3499\");\n script_bugtraq_id(68303);\n script_xref(name:\"FEDORA\", value:\"2014-8034\");\n\n script_name(english:\"Fedora 19 : docker-io-1.0.0-6.fc19 (2014-8034)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Resolves: rhbz#1114810 - CVE-2014-3499 (correct bz#) Set\nmode,user,group in docker.socket file\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1114810\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135366.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cf74947b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected docker-io package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:docker-io\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"docker-io-1.0.0-6.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"docker-io\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:59", "description": "An updated docker package that fixes one security issue is now available for Red Hat Enterprise Linux 7 Extras.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nDocker is a service providing container management on Linux.\n\nIt was found that the socket used to manage the Docker service was world readable and writable. A local user could use this flaw to escalate their privileges to root. (CVE-2014-3499)\n\nRed Hat would like to thank Jon Stanley for reporting this issue.\n\nAll users of docker are advised to upgrade to this updated package, which corrects this issue. After applying this update, the docker service must be restarted for the update to take effect.", "cvss3": {}, "published": "2014-11-08T00:00:00", "type": "nessus", "title": "RHEL 7 : docker (RHSA-2014:0820)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3499"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:docker", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2014-0820.NASL", "href": "https://www.tenable.com/plugins/nessus/79034", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0820. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79034);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3499\");\n script_bugtraq_id(68297, 68303);\n script_xref(name:\"RHSA\", value:\"2014:0820\");\n\n script_name(english:\"RHEL 7 : docker (RHSA-2014:0820)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated docker package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 7 Extras.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nDocker is a service providing container management on Linux.\n\nIt was found that the socket used to manage the Docker service was\nworld readable and writable. A local user could use this flaw to\nescalate their privileges to root. (CVE-2014-3499)\n\nRed Hat would like to thank Jon Stanley for reporting this issue.\n\nAll users of docker are advised to upgrade to this updated package,\nwhich corrects this issue. After applying this update, the docker\nservice must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3499\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected docker package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:docker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0820\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"docker-0.11.1-22.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"docker\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhat": [{"lastseen": "2023-05-26T10:21:36", "description": "Docker is a service providing container management on Linux.\n\nIt was found that the socket used to manage the Docker service was world\nreadable and writable. A local user could use this flaw to escalate their\nprivileges to root. (CVE-2014-3499)\n\nRed Hat would like to thank Jon Stanley for reporting this issue.\n\nAll users of docker are advised to upgrade to this updated package, which\ncorrects this issue. After applying this update, the docker service must\nbe restarted for the update to take effect.\n", "cvss3": {}, "published": "2014-07-01T00:00:00", "type": "redhat", "title": "(RHSA-2014:0820) Important: docker security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3499"], "modified": "2015-04-24T10:21:00", "id": "RHSA-2014:0820", "href": "https://access.redhat.com/errata/RHSA-2014:0820", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "description": "Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container that a developer builds and tests on a laptop will run at scale, in production*, on VMs, bare-metal servers, OpenStack clusters, public instances, or combinations of the above. ", "cvss3": {}, "published": "2014-07-14T00:54:10", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: docker-io-1.0.0-6.fc19", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3499"], "modified": "2014-07-14T00:54:10", "id": "FEDORA:699EC21B86", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/AOPKFHTUWAVHP4VMG6DDENDV3OQ2WLLM/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container that a developer builds and tests on a laptop will run at scale, in production*, on VMs, bare-metal servers, OpenStack clusters, public instances, or combinations of the above. ", "cvss3": {}, "published": "2014-07-14T00:55:28", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: docker-io-1.0.0-6.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3499"], "modified": "2014-07-14T00:55:28", "id": "FEDORA:6764521B6C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CAU74YR7QF3O6ZX4N6LBTMQNEL6LG443/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2023-10-01T10:18:30", "description": "Docker 1.0.0 uses world-readable and world-writable permissions on the\nmanagement socket, which allows local users to gain privileges via\nunspecified vectors.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=1111687>\n", "cvss3": {}, "published": "2014-07-11T00:00:00", "type": "ubuntucve", "title": "CVE-2014-3499", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3499"], "modified": "2014-07-11T00:00:00", "id": "UB:CVE-2014-3499", "href": "https://ubuntu.com/security/CVE-2014-3499", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:37:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-15T00:00:00", "type": "openvas", "title": "Fedora Update for docker-io FEDORA-2014-8034", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3499"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310867973", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867973", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for docker-io FEDORA-2014-8034\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867973\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-15 14:48:20 +0530 (Tue, 15 Jul 2014)\");\n script_cve_id(\"CVE-2014-3499\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for docker-io FEDORA-2014-8034\");\n script_tag(name:\"affected\", value:\"docker-io on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-8034\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135366.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'docker-io'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"docker-io\", rpm:\"docker-io~1.0.0~6.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-15T00:00:00", "type": "openvas", "title": "Fedora Update for docker-io FEDORA-2014-8021", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3499"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310867961", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867961", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for docker-io FEDORA-2014-8021\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867961\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-15 12:39:09 +0530 (Tue, 15 Jul 2014)\");\n script_cve_id(\"CVE-2014-3499\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for docker-io FEDORA-2014-8021\");\n script_tag(name:\"affected\", value:\"docker-io on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-8021\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135378.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'docker-io'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"docker-io\", rpm:\"docker-io~1.0.0~6.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "veracode": [{"lastseen": "2023-04-18T16:14:26", "description": "github.com/docker/docker is vulnerable to escalation of privileges. It uses world-readable and world-writable permissions on the management socket which allows local users to gain privileges.\n", "cvss3": {}, "published": "2017-05-03T05:37:40", "type": "veracode", "title": "Escalation Of Privileges", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3499"], "modified": "2023-02-13T01:51:30", "id": "VERACODE:4111", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-4111/summary", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-05-12T01:14:15", "description": "Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.", "cvss3": {}, "published": "2022-02-15T00:40:44", "type": "osv", "title": "Privilege Escalation in Docker", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3499"], "modified": "2021-05-20T21:11:35", "id": "OSV:GHSA-WXJ3-QWV4-CVFM", "href": "https://osv.dev/vulnerability/GHSA-wxj3-qwv4-cvfm", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T12:19:36", "description": "## CVE-2014-3499 docker.socket world accessible\r\n\r\n\r\n## \u6f0f\u6d1e\u7c7b\u578b\r\n\u8bbe\u8ba1\u9519\u8bef \u672c\u5730\u6743\u9650\u63d0\u5347\r\n\r\n## \u6f0f\u6d1e\u5206\u6790\r\nDocker 1.0.0\u4f7f\u7528\u5168\u5c40\u53ef\u8bfb\u53ef\u5199\u7684\u7ba1\u7406\u5957\u63a5\u5b57\uff0c\u8fd9\u79cd\u8bbe\u8ba1\u4f1a\u5141\u8bb8\u672c\u5730\u7528\u6237\u5229\u7528\u5199\u5957\u63a5\u5b57\uff0c\u83b7\u5f97\u7279\u6b8a\u7684\u6743\u9650\u3002\r\n\r\n\r\n## \u5177\u4f53\u5206\u6790\r\ndocker.socket \u5728docker 1.0.0\u7248\u672c\u65f6\uff0c\u5e76\u6ca1\u6709\u9650\u5236\u8bfb\u5199socket\u7684\u6743\u9650\uff0c\u5bfc\u81f4\u672c\u5730\u7528\u6237\u4efb\u4f55socket\u8bfb\u5199\u90fd\u80fd\u591f\u5b8c\u6210\u3002\r\n\u672c\u5730\u7528\u6237\u4f7f\u7528\u6784\u9020\u7684\u6076\u610f\u8bf7\u6c42\u5199\u5165\u5230socket\u4e2d\u4f1a\u5bfc\u81f4root\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\n\r\n## \u5177\u4f53\u8fc7\u7a0b\r\n\u5728init/systemd\u4e2d\uff0c docker.socket\u662f\u6307/var/run/docker.sock\u8fd9\u4e2a\u7ba1\u7406\u5957\u63a5\u5b57\uff0c\u4e3b\u8981\u4f5c\u7528\u4e3adocker client\u4e0edocker deamon\u901a\u4fe1\u63d0\u4f9b\u652f\u6301\u3002\u5728docker\u4e2d\uff0c\u6574\u4e2a\u547d\u4ee4\u7684\u4f20\u8f93\u5168\u90e8\u90fd\u4f9d\u9760socket\uff0c\u5728\u7ba1\u7406\u5957\u63a5\u5b57\u7684\u8bfb\u5199\u95ee\u9898\u4e0a\uff0c\u5982\u679c\u53ef\u4ee5\u8bfb\u5199\u7ba1\u7406\u5957\u63a5\u5b57\r\n\u90a3\u4e48docker client\u4e0edocker deamon\u7684\u4fe1\u606f\u6d41\u90fd\u53ef\u4ee5\u8bfb\u53d6\u548c\u4f2a\u9020\uff0c\u5e76\u53ef\u4ee5\u6784\u9020\u76f8\u5e94\u7684\u6570\u636e\u5305\u6765\u8ba9deamon\u6267\u884c\u76f8\u5173\u7684\u547d\u4ee4\u3002\r\n\r\n\r\n\u5173\u4e8e\u4e3a\u4ec0\u4e48docker\u9700\u8981root\u6743\u9650\u7684\u95ee\u9898\uff0c\u53ef\u89c1[Why we don't let non-root users run Docker in CentOS, Fedora, or RHEL](http://www.projectatomic.io/blog/2015/08/why-we-dont-let-non-root-users-run-docker-in-centos-fedora-or-rhel/)\r\n\r\n## \u6f0f\u6d1e\u9a8c\u8bc1\u65b9\u5f0f\r\ndocker \u7248\u672c\u5c0f\u4e8e1.0.0\u5747\u5b58\u5728 \r\n\r\n## \u5f71\u54cd\u7248\u672c\r\ndocker version <= 1.0.0 \r\n\r\n## \u4fee\u590d\u65b9\u6848\r\n\u5b98\u65b9\u9650\u5236\u4e86\u5957\u63a5\u5b57\u7684\u6743\u9650\uff1a \r\n\u5728\u6587\u4ef6contrib/init/systemd/socket-activation/docker.socket\u914d\u7f6e\u4e2d\r\n\r\n\t[Socket]\r\n\t ListenStream=/var/run/docker.sock\r\n\t # \u5bf9socket\u7684\u6743\u9650\u8fdb\u884c\u4e86\u63a7\u5236\r\n\t+SocketMode=0660 \r\n\t+SocketUser=root\r\n\t+SocketGroup=docker\r\n\t \t\t \r\n\t [Install]\r\n\t WantedBy=sockets.target\t\t\r\n\r\n\u8be6\u60c5\uff0c\u53ef\u89c1[Fix the systemd socket activation socket permissions](https://github.com/docker/docker/pull/6873/files)\r\n\r\n## \u53c2\u8003\u94fe\u63a5\r\n- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3499\r\n- https://github.com/docker/docker/issues/6836", "cvss3": {}, "published": "2016-01-13T00:00:00", "type": "seebug", "title": "docker 1.0.0 docker.socket world accessible", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-3499"], "modified": "2016-01-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-90394", "id": "SSV:90394", "sourceData": "", "sourceHref": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "github": [{"lastseen": "2023-09-24T04:57:29", "description": "Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.", "cvss3": {}, "published": "2022-02-15T00:40:44", "type": "github", "title": "Privilege Escalation in Docker", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3499"], "modified": "2023-02-21T05:06:24", "id": "GHSA-WXJ3-QWV4-CVFM", "href": "https://github.com/advisories/GHSA-wxj3-qwv4-cvfm", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2023-09-30T11:56:35", "description": "Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.", "cvss3": {}, "published": "2014-07-11T14:55:00", "type": "debiancve", "title": "CVE-2014-3499", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3499"], "modified": "2014-07-11T14:55:00", "id": "DEBIANCVE:CVE-2014-3499", "href": "https://security-tracker.debian.org/tracker/CVE-2014-3499", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
CVE-2014-3499
