
9246 matches found

Kitploit
added 2021/07/02 9:30 p.m. | 108 views

Gorsair - Hacks Its Way Into Remote Docker Containers That Expose Their APIs

Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has access to the docker daemon, you can use Gorsair to directly execute commands on remote containers. Exposing the docker API on the internet is a tremendous risk,...

7.6 AI score
Exploits: 0 | References: 2
Rapid7 Blog
added 2021/07/02 6:44 p.m. | 191 views

Metasploit Wrap-Up

Containers that fail to Contain: Our own Christophe De La Fuente added a module for CVE-2019-5736 based on the work of Adam Iwaniuk that breaks out of a Docker container by overwriting the runc binary of an image which is run in the user context whenever someone outside the container runs docker...

9.3 CVSS | 0.6 AI score | 0.9857 EPSS
Exploits: 52
Metasploit
added 2021/07/01 5:42 p.m. | 452 views

Docker Container Escape Via runC Overwrite

This module leverages a flaw in runc to escape a Docker container and get command execution on the host as root. This vulnerability is identified as CVE-2019-5736. It overwrites the runc binary with the payload and waits for someone to use docker exec to get into the container. This will trigger t...

9.3 CVSS | 7.7 AI score | 0.9857 EPSS
Exploits: 33
0day.today
added 2021/07/01 12:00 a.m. | 164 views

Docker Container Escape Exploit

This Metasploit module leverages a flaw in runc to escape a Docker container and get command execution on the host as root. This vulnerability is identified as CVE-2019-5736. It overwrites the runc binary with the payload and waits for someone to use docker exec to get into the container. This wi...

8.6 CVSS | 7.9 AI score | 0.9857 EPSS
Exploits: 33
Packet Storm
added 2021/07/01 12:00 a.m. | 511 views

Docker Container Escape

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker Container Escape Via runC Overwrite', 'Description' = %q This module leverages a flaw in runc to escape a Docker container and get command...

9.3 CVSS | 0.9857 EPSS
Exploits: 33
Gitee
added 2021/06/29 3:48 p.m. | 3 views

vulhub

This repository is an offensive tool for creating vulnerable environments based on Docker-Compose. It is a pre-built collection of vulnerable environments for testing and practicing defensive security skills. The repository contains various vulnerable environments, including CouchDB, FFmpeg, Git,...

7 AI score
Exploits: 0
Oracle linux
added 2021/06/29 12:00 a.m. | 102 views

docker-engine docker-cli security update

docker-engine 19.03.11-11 - Addresses CVE-2021-30465 - updated runc minimum version to runc = 3:1.0.0-1.rc95. 19.03.11-10 - Addresses runc CVE-2021-30465 - updated runc versions in cli/vendor.conf and docker-engine/vendor.conf to 1.0.0-rc95...

8.5 CVSS | 3.4 AI score | 0.06604 EPSS
Exploits: 0
Oracle linux
added 2021/06/29 12:00 a.m. | 79 views

docker-engine docker-cli security update

docker-engine 19.03.11-11 - Addresses CVE-2021-30465 - updated runc minimum version to runc = 3:1.0.0-1.rc95. 19.03.11-10 - Addresses runc CVE-2021-30465 - updated runc versions in cli/vendor.conf and docker-engine/vendor.conf to 1.0.0-rc95...

8.5 CVSS | 3.4 AI score | 0.06604 EPSS
Exploits: 0
Tenable Nessus
added 2021/06/29 12:00 a.m. | 35 views

Oracle Linux 7 : docker-engine / docker-cli (ELSA-2021-9329)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9329 advisory. - Addresses CVE-2021-30465 - updated runc minimum version to runc = 3:1.0.0-1.rc95. Tenable has extracted the preceding description block directly from the Orac...

8.5 CVSS | 7.4 AI score | 0.06604 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2021/06/29 12:00 a.m. | 22 views

Oracle Linux 7 : docker-engine / docker-cli (ELSA-2021-15112)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-15112 advisory. - Addresses CVE-2021-30465 - updated runc minimum version to runc = 3:1.0.0-1.rc95. Tenable has extracted the preceding description block directly from the...

8.5 CVSS | 7.4 AI score | 0.06604 EPSS
Exploits: 0 | References: 2
Kitploit
added 2021/06/28 9:30 p.m. | 249 views

AWS Pen-Testing Laboratory - Pentesting Lab With A Kali Linux Instance Accessible Via Ssh And Wireguard VPN And With Vulnerable Instances In A Private Subnet

PenTesting laboratory deployed as IaC with Terraform on AWS. It deploys a Kali Linux instance accessible via ssh & wireguard VPN. Vulnerable instances in a private subnet. NOTE: Ids only defined for region "eu-west-1". For other regions, kali ami id must be specified and metasploitable3 id after...

7.3 AI score
Exploits: 0 | References: 6
IBM Security Bulletins
added 2021/06/28 8:25 p.m. | 50 views

Security Bulletin: Vulnerabilities in MongoDB, Node.js, Docker, and XStream affect IBM Spectrum Protect Plus

Summary: IBM Spectrum Protect Plus may be affected by vulnerabilities in MongoDB, Node.js, Docker, and XStream such as server-side request forgery, bypass of security restrictions, denial of service, execution of arbitrary code, elevation of privileges, and arbitrary file deletion. Vulnerability...

9.9 CVSS | 9.4 AI score | 0.85001 EPSS
Exploits: 25 | Affected Software: 1
OSV
added 2021/06/28 4:45 p.m. | 11 views

GHSA-2JX8-V4HV-GX3H XXE vulnerability in Launch import

| Release Date | Affected Projects | Affected Versions | Access Vector | Security Risk |
|--------------|-------------------|-------------------|---------------|---------------|
| Monday, May 4, 2020 | service-api | Every version, starting from 3.1.0 | Remote | Medium |

Impact: Starting from version...

7.5 CVSS | 7.6 AI score | 0.01349 EPSS
Exploits: 0 | References: 5
OSV
added 2021/06/28 4:38 p.m. | 16 views

GHSA-24WF-7VF2-PV59 XXE vulnerability on Launch import with externally-defined DTD file

Impact: Starting from version 3.1.0 we introduced a new feature of JUnit XML launch import. Unfortunately, the XML parser was not configured properly to prevent XML external entity (XXE) attacks. This allows a user to import a specifically-crafted XML file which imports external Document Type Definition...

7.5 CVSS | 7.5 AI score | 0.02199 EPSS
Exploits: 0 | References: 5
Github Security Blog
added 2021/06/28 4:38 p.m. | 150 views

XXE vulnerability on Launch import with externally-defined DTD file

Impact: Starting from version 3.1.0 we introduced a new feature of JUnit XML launch import. Unfortunately, the XML parser was not configured properly to prevent XML external entity (XXE) attacks. This allows a user to import a specifically-crafted XML file which imports external Document Type Definition...

7.5 CVSS | 1 AI score | 0.02199 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
Tenable Nessus
added 2021/06/28 12:00 a.m. | 41 views

openSUSE 15 Security Update : containerd, docker, runc (openSUSE-SU-2021:0878-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:0878-1 advisory. - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root...

8.5 CVSS | 6.7 AI score | 0.06604 EPSS
Exploits: 0 | References: 26
Kitploit
added 2021/06/27 9:30 p.m. | 71 views

Mythic - A Collaborative, Multi-Platform, Red Teaming Framework

A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It's designed to provide a collaborative and user friendly interface for operators, managers, and reporting throughout red teaming. Details: Check out a series of YouTube videos...

7.3 AI score
Exploits: 0 | References: 1
CNVD
added 2021/06/26 12:00 a.m. | 71 views

Unauthorized Access Vulnerability in Portainer

Portainer is a graphical management tool for visualizing container images. With Portainer you can easily build, manage and maintain Docker environments. An unauthorized access vulnerability exists in Portainer. An attacker could exploit the vulnerability to obtain sensitive information...

6.7 AI score
Exploits: 0
OSV
added 2021/06/23 6:03 p.m. | 24 views

GHSA-JJ6M-R8JC-2GP7 Asymmetric Resource Consumption (Amplification) in Docker containers created by Wings

Impact: All versions of Pterodactyl Wings prior to 1.4.4 are vulnerable to system resource exhaustion due to improper container process limits being defined. A malicious user can consume more resources than intended and cause downstream impacts to other clients on the same hardware, eventually...

6.5 CVSS | 6.3 AI score | 0.00267 EPSS
Exploits: 0 | References: 4
Github Security Blog
added 2021/06/23 6:03 p.m. | 57 views

Asymmetric Resource Consumption (Amplification) in Docker containers created by Wings

Impact: All versions of Pterodactyl Wings prior to 1.4.4 are vulnerable to system resource exhaustion due to improper container process limits being defined. A malicious user can consume more resources than intended and cause downstream impacts to other clients on the same hardware, eventually...

6.5 CVSS | 1.2 AI score | 0.00267 EPSS
Exploits: 0 | References: 4 | Affected Software: 1