9154 matches found

pentestit
added 2018/05/03 9:27 p.m., 17 views

UPDATE: Sysdig Falco v0.10.0

Four weeks ago, I posted about Sysdig Falco v0.9.0. A week ago, the open source behavioral activity monitor which has container support was updated to Sysdig Falco v0.10.0. This release includes a number of improvements focused on making Falco easier to deploy, improvements wit...

0.1 AI score
Exploits: 0

The Hacker News
added 2018/05/03 9:44 a.m., 36 views

Microsoft Issues Emergency Patch For Critical Flaw In Windows Containers

Just a few days prior to its monthly patch release, Microsoft released an emergency patch for a critical vulnerability in the Windows Host Compute Service Shim hcsshim library that could allow remote attackers to run malicious code on Windows computers. Windows Host Compute Service Shim hcsshim i...

9.3 CVSS, 1.9 AI score, 0.32516 EPSS
Exploits: 0

CNVD
added 2018/05/03 12:0 a.m., 1 views

Cloud Foundry Garden-runC Denial of Service Vulnerability

Cloud Foundry Garden-runC is a set of Garden-based container systems from the U.S. Cloud Foundry Foundation. A security vulnerability exists in Cloud Foundry Garden-runC versions prior to 1.13.0 that stems from a program failing to properly enforce disk quotas for the Docker image layer. A remote...

6.5 CVSS, 6.8 AI score, 0.01118 EPSS
Exploits: 0, References: 1

Prion
added 2018/04/30 8:29 p.m., 17 views

Code injection

Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctly enforce disc quotas for Docker image layers. A remote authenticated user may push an app with a malicious Docker image that will consume more space on a Diego cell than allocated in their quota, potentially causing a DoS...

4 CVSS, 6.2 AI score, 0.01118 EPSS
Exploits: 0, References: 1, Affected Software: 2

NVD
added 2018/04/30 8:29 p.m., 13 views

CVE-2018-1277

Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctly enforce disc quotas for Docker image layers. A remote authenticated user may push an app with a malicious Docker image that will consume more space on a Diego cell than allocated in their quota, potentially causing a DoS...

6.5 CVSS, 6.3 AI score, 0.01118 EPSS
Exploits: 0, References: 1

OSV
added 2018/04/30 8:29 p.m., 14 views

CVE-2018-1277

Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctly enforce disc quotas for Docker image layers. A remote authenticated user may push an app with a malicious Docker image that will consume more space on a Diego cell than allocated in their quota, potentially causing a DoS...

6.5 CVSS, 6.5 AI score, 0.01118 EPSS
Exploits: 0, References: 1

CVE
added 2018/04/30 8:0 p.m., 49 views

CVE-2018-1277

Cloud Foundry Garden-runC vulnerability (CVE-2018-1277): Garden-runC/cf-deployment prior to fixed versions fail to enforce disk quotas for Docker image layers, allowing a remote authenticated user to push a malicious image that can exhaust Diego cell disk space and cause a DoS. Affected: Garden-...

6.5 CVSS, 6.2 AI score, 0.01118 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2018/04/30 8:0 p.m., 13 views

CVE-2018-1277

Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctly enforce disc quotas for Docker image layers. A remote authenticated user may push an app with a malicious Docker image that will consume more space on a Diego cell than allocated in their quota, potentially causing a DoS...

6.3 AI score, 0.01118 EPSS
Exploits: 0, References: 1

Cloud Foundry
added 2018/04/30 12:0 a.m., 30 views

CVE-2018-1277: Garden does not correctly enforce Docker image disc quotas | Cloud Foundry

Severity: High. Vendor: Cloud Foundry Foundation. Affected Cloud Foundry Products and Versions: You are using garden-runc-release version prior to 1.13.0; You are using cf-deployment version prior to 1.28.0. Description: Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctly enforce disc...

6.5 CVSS, 6.4 AI score, 0.01118 EPSS
Exploits: 0

Talos Blog
added 2018/04/19 8:35 a.m., 39 views

Updates for BASS

This blog post was authored by Jonas Zaddach and Mariano Graziano. Cisco Talos has rolled out a series of improvements to the BASS open-source framework aimed at speeding up its ability to provide coverage for new malware families. Talos released BASS, pronounced "bæs", an open-source framework...

7.2 AI score
Exploits: 0

Prion
added 2018/04/19 8:29 a.m., 18 views

Design/Logic Flaw

hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the container_setup_modules and hyper_rescan_scsi functions in container.c, related to runV 1.0.0 for Docker...

5 CVSS, 5.3 AI score, 0.01377 EPSS
Exploits: 0, References: 1, Affected Software: 1

NVD
added 2018/04/19 8:29 a.m., 13 views

CVE-2018-10205

hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the container_setup_modules and hyper_rescan_scsi functions in container.c, related to runV 1.0.0 for Docker...

5.3 CVSS, 5.3 AI score, 0.01377 EPSS
Exploits: 0, References: 1

OSV
added 2018/04/19 8:29 a.m., 11 views

CVE-2018-10205

hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the container_setup_modules and hyper_rescan_scsi functions in container.c, related to runV 1.0.0 for Docker...

5.3 CVSS, 5.6 AI score
Exploits: 0, References: 1

Cvelist
added 2018/04/19 8:0 a.m., 18 views

CVE-2018-10205

hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the container_setup_modules and hyper_rescan_scsi functions in container.c, related to runV 1.0.0 for Docker...

5.3 AI score, 0.01377 EPSS
Exploits: 0, References: 1

CVE
added 2018/04/19 8:0 a.m., 39 views

CVE-2018-10205

Affected product/component: HyperHQ Hyper’s hyperstart 1.0.0; vulnerable code paths are in container_setup_modules and hyper_rescan_scsi within container.c, related to runV 1.0.0 for Docker. Root cause / vulnerability type: memory leaks leading to memory exhaustion (as described in CVE records). ...

5.3 CVSS, 5.2 AI score, 0.01377 EPSS
Exploits: 0, References: 1, Affected Software: 1

CNVD
added 2018/04/19 12:0 a.m., 4 views

Docker Notary Forged Signature Vulnerability

Docker Notary is a set of tools for publishing and managing trusted content collections from Docker Inc. in the United States. A security vulnerability exists in the gotuf/signed/verify.go file in Docker Notary versions prior to 0.1. An attacker can exploit this vulnerability to forge signatures ...

7.5 CVSS, 6.7 AI score, 0.01063 EPSS
Exploits: 0, References: 1

CNVD
added 2018/04/19 12:0 a.m., 1 views

Docker Notary Unauthorized Modification Vulnerability

Docker Notary is a set of tools for publishing and managing trusted content collections from Docker Inc. in the United States. A security vulnerability in the checkRoot function in the gotuf/client/client.go file in versions of Docker Notary prior to 0.1 stems from the program's failure to detect...

9.8 CVSS, 6.7 AI score, 0.01339 EPSS
Exploits: 0, References: 1

Kitploit
added 2018/04/12 1:17 p.m., 22 views

Git-All-Secrets - A Tool To Capture All The Git Secrets By Leveraging Multiple Open Source Git Searching Tools

git-all-secrets is a tool that can: Clone multiple public/private github repositories of an organization and scan them, Clone multiple public/private github repositories of a user that belongs to an organization and scan them, Clone a single public/private repository of an organization and scan it...

6.5 AI score
Exploits: 0, References: 10

CNVD
added 2018/04/11 12:0 a.m., 2 views

runV for Docker util.c file elevation of privilege vulnerability

runV for Docker is an OCI container runtime engine based on virtualization technology applied to Docker containers. A security vulnerability exists in the util.c file in runV for Docker version 1.0.0, which stems from the program's incorrect handling of usernames with numbers. An...

7.8 CVSS, 7.1 AI score, 0.00447 EPSS
Exploits: 0, References: 1

Prion
added 2018/04/09 4:29 p.m., 21 views

Code injection

util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697...

7.2 CVSS, 7.5 AI score, 0.00447 EPSS
Exploits: 0, References: 2, Affected Software: 1