121 matches found
MiracleLinux 7 : runc-1.0.0-59.dev.git2abd837.el7 (AXSA:2019-3769:03)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3769:03 advisory. Security Fix - runc /proc/self/exe docker exec root runc root CVE-2019-5736 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block...
EUVD-2019-4094
Malware in sbrugna...
EUVD-2020-6450
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-5736
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary and consequently obtain host root...
Photon OS 3.0: Docker PHSA-2019-3.0-0001
An update of the docker package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0001. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
RHEL 7 : runc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - runc: Execution of malicious containers allows for container escape and access to host filesystem...
RHEL 7 : runc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - runc: Execution of malicious containers allows for container escape and access to host filesystem...
Oracle Linux 7 : docker-engine (ELSA-2019-4551)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-4551 advisory. - update runc for CVE-2019-5736 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...
Oracle Linux 7 : runc (ELSA-2019-4540)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-4540 advisory. - Apply patch for CVE-2019-5736 Wiekus Beukes - Resolves: 1412238 - CVE-2016-9962 - set init processes as non-dumpable, runc patch from Michael Crosby Tenable h...
Oracle Linux 7 : docker-engine (ELSA-2019-4550)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-4550 advisory. - apply fix for runc CVE-2019-5736 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
Exploit for Improper Initialization in Linux Linux_Kernel
CVE-2022-0847 A simple exploit that uses dirtypipe to inject s...
K0Otkit - Universal Post-Penetration Technique Which Could Be Used In Penetrations Against Kubernetes Clusters
k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters. With k0otkit, you can manipulate all the nodes in the target Kubernetes cluster in a rapid, covert and continuous way reverse shell. k0otkit is the combination of Kubernetes and...
Mageia: Security Advisory (MGASA-2019-0068)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exploit for OS Command Injection in Docker
CVE-2019-5736 is a container escape vulnerability in Docker. The PoC Proof of Concept exploit for this vulnerability is available in the repository sekla/CVE-2019-5736-PoC. The exploit works by overwriting and executing the host system's runc binary from within the container. The exploit has two...
Whoc - A Container Image That Extracts The Underlying Container Runtime
A container image that extracts the underlying container runtime and sends it to a remote server. Poke at the underlying container runtime of your favorite CSP container platform! WhoC at Defcon 29 Cloud Village Azurescape - whoc-powered research, the first cross-account container takeover in the...
Public Clouds & Shared Responsibility: Lessons from Vulnerability Disclosure
The inexorable movement of data and applications to the cloud that began several years ago and accelerated during the pandemic shows no signs of slowing down. The rationale for this transformation is driven by a desire to outsource non-critical functions building and maintaining data centers,...
Microsoft Warns of Cross-Account Takeover Bug in Azure Container Instances
Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances ACI services that could have been weaponized by a malicious actor "to access other customers' information" in what the researchers described as the "first cross-account container takeover in the public...
Exploit for OS Command Injection in Docker
🖥️ -h3x0v3rl0rd- ️⃣ CVE-2019-5736 Usage : machine is vuln...
CVE-2019-5736 affecting package moby-buildx 0.4.1-3
CVE-2019-5736 affecting package moby-buildx 0.4.1-3. An upgraded version of the package is available that resolves this issue...
Metasploit Wrap-Up
Containers that fail to Contain Our own Christophe De La Fuente added a module for CVE-2019-5736 based on the work of Adam Iwaniuk that breaks out of a Docker container by overwriting the runc binary of an image which is run in the user context whenever someone outside the container runs docker...