464 matches found
docker: privilege escalation via confusion of usernames and UIDs
It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container...
MGASA-2016-0043 Updated docker/golang packages fix security vulnerability
Manipulated layer IDs could have lead to local graph poisoning CVE-2014-8178. Manifest validation and parsing logic errors allowed pull-by-digest validation bypass CVE-2014-8179. To fix these issues, the golang package has been updated to version 1.4.3 and the docker package has been updated to...
DEBIAN-CVE-2015-3631
Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...
Re: Bypassing Inherited Rights Filters in Novell Directory Services.
At 07:24 PM 9/7/2000 -0700, you wrote: Here's an example. An administrator, .BOB.ACME, has Supervisor S rights to the .ACME container. There is a container, .SECRET.ACME, which BOB should not have any access to. If you understood NDS sufficiently, you wouldn't give Bob S rights to a container whe...