Exploiting Oracle WebLogic by Remote Code Execution with a /console endpoint restricted

This article explains how to exploit Oracle WebLogic for remote code execution by using valid credentials. Its useful during black-box security audits, pentests, and infrastructure audits, including automated vulnerability scanning. To set up an example playground, we will use the following docke...

Arbitrary Code Execution

gce-compute-image-packages is vulnerable to arbitrary code execution. The vulnerability exists through a privilege escalation flaw where a user with membership to the "docker" group is able to run docker and mount the host OS, and to modify /etc/groups to gain administrative privileges...

vulhub

It is an offensive tool for Docker environments. The primary vulnerability targeted by this repository is not explicitly stated, but it appears to be a collection of pre-built vulnerable Docker environments. The repository includes various Docker Compose files for different vulnerabilities,...

vulhub

It is an offensive tool for web application security training. The repository contains a collection of pre-built vulnerable environments based on Docker-Compose, which can be used for web application security training. The tool is designed to be easy to use, requiring only two simple commands to...

Security update for singularity (important)

openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2020:1100-1 Rating: important References: 1174148 1174150 1174152 Cross-References: CVE-2020-13845 CVE-2020-13846 CVE-2020-13847 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes three...

Security update for docker-distribution (moderate)

openSUSE Security Update: Security update for docker-distribution Announcement ID: openSUSE-SU-2020:1433-1 Rating: moderate References: 1033172 1049850 Cross-References: CVE-2017-11468 Affected Products: openSUSE Backports SLE-15-SP2 An update that solves one vulnerability and has one errata is n...

Security Bulletin: IBM Cloud Pak for Multicloud Management Managed Service Content Runtime is affected by an issue with Docker before 19.03.11.

Summary IBM Cloud Pak for Multicloud Management Managed Service Content Runtime is affected by an issue in docker engine before 19.03.11 as described in CVE-2020-13401. If you have IBM Cloud Pak for Multicloud Management Managed Service Content Runtime with docker engine 19.03.10 or lower...

Exploit for SQL Injection in Librenms

CVE-2020-15873 Proof of Concept of CVE-2020-15873 - Blind SQL...

OPENSUSE-SU-2020:1433-1 Security update for docker-distribution

This update for docker-distribution fixes the following issues: - Enable build on %arm which include armv6, not only on armv7 - Enable ppc64le - Use correct URL to project - Remove fillup, we don't ship a sysconfig file - Correct systemd requires - Enable build on ARM - Upgraded to 2.7.1 - Suppor...

Design/Logic Flaw

A vulnerability in the Private Internet Access PIA VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a “split tunnel” OpenVPN bypass option. Th...

CVE-2020-15590

A vulnerability in the Private Internet Access PIA VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a “split tunnel” OpenVPN bypass option. Th...

CVE-2020-15590

CVE-2020-15590 affects the Private Internet Access (PIA) VPN Client for Linux (1.5–2.3+). The underlying issue is that when the VPN kill switch blocks all inbound/outbound traffic, privileged processes can still send/receive traffic if net.ipv4.ip_forward is enabled, enabling leakage of the host ...

Security Bulletin: Docker vulnerability affects IBM Spectrum Protect Plus (CVE-2020-13401)

Summary Docker is vulnerable to a man-in-the-middle attack which could affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2020-13401 DESCRIPTION: Docker Docker CE is vulnerable to a man-in-the-middle attack, caused by improper validation of router advertisements. By sending rogue...

DockerENT - The Only Open-Source Tool To Analyze Vulnerabilities And Configuration Issues With Running Docker Container(S) And Docker Networks

DockerENT is activE ruN time application security scanning T ool RAST tool and framework which is pluggable and written in python. It comes with a CLI application and clean Web Interface written with StreamLit. DockerENT has been designed keeping in mind that during deployments there weak...

vulhub

It is an offensive tool for Docker environments. The repository contains pre-built vulnerable environments based on Docker-Compose, allowing users to easily set up and test various vulnerabilities. The tool is designed to be user-friendly, requiring no prior knowledge of Docker, and can be...

vulhub

It is an offensive tool for web application security training. The repository contains a collection of pre-built vulnerable docker environments for web application security training. The tool is designed to be easy to use, requiring only two simple commands to compile and run a vulnerable...

This Week in Security News: Microsoft Fixes 129 Vulnerabilities for September’s Patch Tuesday and Trend Micro’s XDR Offerings Simplify and Optimize Detection and Response

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about this month’s Patch Tuesday update from Microsoft. Also, learn about Trend Micro’s Worry-Free XDR: a new version of its XDR platfo...

Avcleaner - C/C++ Source Obfuscator For Antivirus Bypass

C/C++ source obfuscator for antivirus bypass. Build docker build . -t avcleaner docker run -v /dev/scrt/avcleaner:/home/toto -it avcleaner bash adapt /dev/scrt/avcleaner to the path where you cloned avcleaner sudo pacman -Syu mkdir CMakeBuild && cd CMakeBuild cmake .. make -j 2 ./avcleaner.bin...

Anchore Engine - A Service That Analyzes Docker Images And Applies User-Defined Acceptance Policies To Allow Automated Container Image Validation And Certification

For the most up-to-date information on Anchore Engine, Anchore CLI, and other Anchore software, please refer to the Anchore Documentation The Anchore Engine is an open-source project that provides a centralized service for inspection, analysis, and certification of container images. The Anchore...

TeamTNT Gains Full Remote Takeover of Cloud Instances

The TeamTNT cybercrime gang is back, attacking Docker and Kubernetes cloud instances by abusing a legitimate cloud-monitoring tool called Weave Scope, according to researchers. The open-source Weave Scope “provides a top down view into your app as well as your entire infrastructure, and allows yo...