9157 matches found
Docker Containers Riddled with Graboid Crypto-Worm
The Docker cloud containerization technology is the target for a just-discovered cryptojacking worm dubbed Graboid. According to researchers at Palo Alto’s Unit 42, the worm, which looks to mine the Monero cryptocurrency, has infected more than 2,000 unsecured Docker Engine Community Edition host...
docker: command injection due to a missing validation of the git ref command
A command injection flaw was discovered in Docker during the docker build command. By providing a specially crafted path argument for the container to build, it is possible to inject command options to the git fetch/git checkout commands that are executed by Docker and to execute code with the...
Moderate: Red Hat Bug Fix Advisory: docker bug fix update
Updated docker package that fixes two bugs is now available for Red Hat Enterprise Linux 7 Extras. Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere. The docker package contains docke...
The vulnerability of the docker build mechanism, a tool for automating the deployment and management of applications in containerized environments, allows an attacker to gain unauthorized access to information, cause service failures, or affect the availability of information.
The vulnerability of the docker build mechanism, a tool for automating the deployment and management of applications in containerized environments, is related to insufficient testing of arguments passed in commands. Exploiting this vulnerability can allow attackers to gain unauthorized access to...
The vulnerability of the automation tool for deploying and managing applications in Docker-based environments, related to the disclosure of information through registration files, allows a malicious actor to gain unauthorized access to this information.
The vulnerability of the automation tool for deploying and managing applications in Docker-enabled environments is related to the disclosure of information through registration files. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to...
The vulnerability of the automation tools for deploying and managing applications in Docker-enabled environments relates to errors in code generation. This allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.
The vulnerability of the automation tool for deploying and managing applications in Docker-enabled environments is related to errors in code generation during dynamic library loading. Exploiting this vulnerability can allow a malicious actor to compromise data integrity, gain unauthorized access ...
Podman & Varlink 1.5.1 - Remote Code Execution Exploit
Exploit Title: Podman & Varlink 1.5.1 - Remote Code Execution Exploit; Author: Jeremy Brown; Date: 2019-10-15; Vendor Homepage: https://podman.io/; Software Link: dnf install podman or https://github.com/containers/libpod/releases; Version: 1.5.1; Tested on: Fedora Server 30; #!/usr/bin/python # -*- coding:...
Podman Varlink 1.5.1 - Remote Code Execution
Exploit Title: Podman & Varlink 1.5.1 - Remote Code Execution Exploit; Author: Jeremy Brown; Date: 2019-10-15; Vendor Homepage: https://podman.io/; Software Link: dnf install podman or https://github.com/containers/libpod/releases; Version: 1.5.1; Tested on:...
QIWI: Sensitive information disclosure in composer.lock, docker-compose.yml
Sensitive information disclosure in composer.lock and docker-compose.yml i die ...
CloudBees Jenkins CloudShare Docker-Machine Plugin Trust Management Issue Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. The product is mainly used to monitor continuous software version release/testing projects and some timed tasks. CloudShare Docker-Machine Plugin is one of the plugins for building and...
CVE-2019-16884
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...
SUSE-SU-2019:1368-2 Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root
This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues: - CVE-2019-5021: Include an invalidated root password by default, not an empty one (bsc#1134524)...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not explicitly stated, but the repository contains various vulnerable environments and exploits for different vulnerabilities, including CVE-2016-9086, CVE-2017-1000353, and CVE-2018-1000006. The...
box.js - A Tool For Studying JavaScript Malware
A utility to analyze malicious JavaScript. Installation Simply install box-js from npm: npm install box-js --global Usage Looking to use box-js with Cuckoo? Use cuckoo-package.py as an analysis package. Let's say you have a sample called sample.js: to analyze it, simply run box-js sample.js Chanc...
Tarnish - A Chrome Extension Static Analysis Tool To Help Aide In Security Reviews
tarnish is a static-analysis tool to aid researchers in security reviews of Chrome extensions. It automates much of the regular grunt work and helps you quickly identify potential security vulnerabilities. This tool accompanies the research blog post which can be found here. If you don't want to ...
vulhub
It is an offensive tool for Vulnerability Research and Training. The repository, vulhub, contains pre-built vulnerable environments based on Docker-Compose. The primary vulnerability is not explicitly stated, but the repository includes various vulnerable environments, such as Flask SSTI, Apache...
Security Bulletin: IBM Cloud Private for Data is affected by an issue with runc used by Docker
Summary IBM Cloud Private for Data is affected by an issue with runc used by Docker. The vulnerability allows a malicious container to overwrite the host runc binary and thus gain root-level code execution on the host. Vulnerability Details CVEID: CVE-2019-5736 DESCRIPTION: Runc could allow a loc...
docker-engine security update
18.09.8-1.0.4 - Modified version to include ol suffix; 18.09.8-1.0.3 - ol7 image related changes; 18.09.8-1.0.2 - Merge upstream for CVE fixes...
Lockdoor Framework - A Penetration Testing Framework With Cyber Security Resources
Lockdoor Framework: A Penetration Testing Framework With Cyber Security Resources. 09/2019: 1.0Beta. Information Gathering Tools: 21; Web Hacking Tools: 15; Reverse Engineering Tools: 15; Exploitation Tools: 6; Pentesting & Security Assessment Findings Report Templates: 6; Password Attack Tools: 4; Shell Tool...
Denial Of Service (DoS)
github.com/docker/cli is vulnerable to denial of service. The vulnerability exists because parsing a malicious YAML file could trigger a billion laughs attack, causing an application crash...