Important kernel security update: CVE-2017-1000364; new kernel 2.6.18-028stab122.3 for Virtuozzo Containers for Linux 4.6

This update provides a new Virtuozzo Containers for Linux 4.6 kernel 2.6.18-028stab122.3 based on the Red Hat Enterprise Linux 5 kernel 2.6.18-419.el5. The new kernel introduces a security fix. Vulnerability id: CVE-2017-1000364 A flaw was found in the way memory was being allocated on the stack...

Important kernel security update: CVE-2017-1000364; new kernel 2.6.32-042stab123.8 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab123.8 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0. The new kernel is based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.el6 and provides a security fix. Vulnerability id: CVE-2017-1000364 A flaw was found in the way memory...

Kernel update: new kernel 2.6.32-042stab123.6 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab123.6 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0. The new kernel is based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.el6 and provides a stability bug fix. Vulnerability id: PSBM-67323, PSBM-62215 Fixed network...

Kernel update: new kernel 2.6.18-028stab122.2 for Virtuozzo Containers for Linux 4.6

This update provides a new Virtuozzo Containers for Linux 4.6 kernel 2.6.18-028stab122.2 based on the Red Hat Enterprise Linux 5 kernel 2.6.18-419.el5. The new kernel introduces a stability fix. Vulnerability id: PSBM-66818 delayfs should not be mounted manually...

Heroku Dynos Explained

What are Heroku Dynos? If youve ever hosted an application on Heroku, the popular platform as a service, youre likely at least aware of the existence of "Dynos". But what exactly are Heroku Dynos and why are they important? As explained in Herokus docs, Dynos are simply lightweight Linux containe...

Modern Network Coverage and Container Security in InsightVM

For a long time, the concept of "infrastructure" remained relatively unchanged: Firewalls, routers, servers, desktops, and so on make up the majority of your network. Yet over the last few years, the tides have begun to shift. Virtualization is now ubiquitous, giving employees tremendous leeway i...

Kernel security update: CVE-2017-7645 and other; new kernel 2.6.32-042stab123.3 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab123.3 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0. The new kernel is based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.el6 and provides security fixes as well as stability bug fixes. Vulnerability id: CVE-2017-7895 The...

Information Disclosure

github.com/projectatomic/oci-register-machine is vulnerable to information disclosure. The machinectl command allows local users to list what containers are running and potentially obtain sensitive information...

Information Disclosure

github.com/lxc/lxd is vulnerable to information disclosure. This is because it uses world-readable permissions for /var/lib/lxd/zfs.imgwhen setting up a ZFS pool. Using this flaw local users can read and copy data from arbitrary containers...

Kernel security update: CVE-2017-7472; new kernel 2.6.32-042stab123.2 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab123.2 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0. The new kernel is based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.el6 and provides a security fix and stability bug fixes. Vulnerability id: CVE-2017-7472 It was found...

Truehunter - Tool to detect TrueCrypt containers

The goal of Truehunter is to detect TrueCrypt containers using a fast and memory efficient approach. It was designed as a PoC some time ago as I couldn't find any open source tool with the same functionality. Installation Just use with Python 2.7, it does not need any additional libraries. usage:...

PYSEC-2017-21

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions...

Kong and Wallarm Partner Up to Boost Microservices API Security

Wallarm has partnered with Mashape to provide the microservices community with API security. Mashape enterprise customers who use Kong API gateway can now quickly add API security protection without change in Kong user’s deployment. Read more about Kong and Wallarm partnership in this blog. Today...

Kernel security update: new kernel 2.6.32-042stab123.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab123.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0. The new kernel is based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.el6 and provides security fixes. Vulnerability id: CVE-2017-6214 A flaw was found in the Linux kernel'...

CVE-2016-6349

The machinectl command in oci-register-machine allows local users to list running containers and possibly obtain sensitive information by running that command...

CVE-2016-6349

The machinectl command in oci-register-machine allows local users to list running containers and possibly obtain sensitive information by running that command...

CVE-2016-6349

CVE-2016-6349 : The machinectl command in oci-register-machine allows local users to list running containers and potentially obtain sensitive information. Root cause: information exposure via machinectl. Impact in the provided docs is described as local information disclosure; no patch/remediatio...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-019)

According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - A flaw was discovered in the Linux kernel's key subsystem. Invoking the requestkey system call with a...

Virtuozzo 6 : parallels-server-bm-release / pfcache / ploop / etc (VZA-2017-003)

According to the version of the parallels-server-bm-release / pfcache / ploop / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - A vulnerability within vzpkg could allow a malicious user to perform a basic symlink attack resultin...

Virtuozzo 7 : readykernel-patch (VZA-2017-021)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - A flaw was discovered in the Linux kernel's key subsystem. Invoking the requestkey system call with a specially crafte...