Lucene search
K

14 matches found

NVD
NVD
added 2015/08/12 2:59 p.m.13 views

CVE-2015-1331

lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/...

4.9CVSS8.1AI score0.00459EPSS
Exploits1References8
OSV
OSV
added 2015/08/12 2:59 p.m.6 views

CVE-2015-1331

lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/...

6AI score
Exploits0References8
CVE
CVE
added 2015/08/12 2:0 p.m.151 views

CVE-2015-1331

CVE-2015-1331 affects LXC prior to 1.1.2 (lxclock.c) and enables local users to create arbitrary files via a symlink attack on /run/lock/lxc/*. The connected records indicate the issue was addressed in later LXC updates (e.g., openSUSE security advisory openSUSE-2019-1481) which references upgrad...

4.9CVSS7.9AI score0.00459EPSS
Exploits1References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/08/11 12:0 a.m.20 views

Fedora 22 : lxc-1.1.2-2.fc22 (2015-12647)

Security fix for CVE-2015-1331, CVE-2015-1334. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

4.9CVSS5.5AI score0.00459EPSS
Exploits1References5
Mageia
Mageia
added 2015/08/07 7:20 p.m.32 views

Updated lxc package fixes security vulnerability

Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user CVE-2015-1331. Roman Fiedler discovered that LXC incorrectly trusted the container's proc filesystem to set up AppArmor...

4.9CVSS8.4AI score0.00459EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2015/07/31 12:0 a.m.36 views

lxc security update

1.0.7-2.0.7 - Orabug 21533491 CVE-2015-1334: Don't use the container's /proc during attach 1.0.7-2.0.6 - Orabug 21526922 CVE-2015-1331: LXCLOCK: USE /RUN/LXC/LOCK RATHER THAN /RUN/LOCK/LXC...

4.9CVSS1.1AI score0.00459EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/07/31 12:0 a.m.23 views

openSUSE Security Update : lxc (openSUSE-2015-523)

lxc was updated to fix two security issues. The following vulnerabilities were fixed : - CVE-2015-1331: directory traversal flaw allowing arbitrary file creation as the root user bnc938522 - CVE-2015-1334: AppArmor or SELinux confinement escape via fake /proc bnc938523 %NASLMINLEVEL 70300 C Tenab...

4.9CVSS5.8AI score0.00459EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2015/07/27 12:0 a.m.24 views

Debian DSA-3317-1 : lxc - security update

Several vulnerabilities have been discovered in LXC, the Linux Containers userspace tools. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-1331 Roman Fiedler discovered a directory traversal flaw in LXC when creating lock files. A local attacker cou...

4.9CVSS5.8AI score0.00459EPSS
Exploits1References7
Debian
Debian
added 2015/07/25 2:54 p.m.25 views

[SECURITY] [DSA 3317-1] lxc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3317-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2015 https://www.debian.org/security/faq -...

4.9CVSS2.4AI score0.00459EPSS
Exploits1
Debian
Debian
added 2015/07/25 2:54 p.m.24 views

[SECURITY] [DSA 3317-1] lxc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3317-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2015 https://www.debian.org/security/faq -...

4.9CVSS9AI score0.00459EPSS
Exploits1
OpenVAS
OpenVAS
added 2015/07/25 12:0 a.m.27 views

Debian Security Advisory DSA 3317-1 (lxc - security update)

Several vulnerabilities have been discovered in LXC, the Linux Containers userspace tools. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-1331 Roman Fiedler discovered a directory traversal flaw in LXC when creating lock files. A local attacker could...

4.9CVSS8.9AI score0.00459EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2015/07/23 12:0 a.m.25 views

Ubuntu 14.04 LTS : LXC vulnerabilities (USN-2675-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2675-1 advisory. Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrar...

4.9CVSS6AI score0.00459EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2015/07/22 3:1 p.m.45 views

USN-2675-1: LXC vulnerabilities

Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user. CVE-2015-1331 Roman Fiedler discovered that LXC incorrectly trusted the container's proc filesystem to set up AppArmor...

4.9CVSS5.6AI score0.00459EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2015/07/22 2:0 p.m.21 views

CVE-2015-1331

lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/...

4.9CVSS6.3AI score0.00459EPSS
Exploits1References2
Rows per page
Query Builder