EUVD-2018-21454

Malware in sbrugna...

Mageia: Security Advisory (MGASA-2016-0209)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-3697 affecting package moby-buildx 0.4.1-3

CVE-2016-3697 affecting package moby-buildx 0.4.1-3. An upgraded version of the package is available that resolves this issue...

SUSE: Security Advisory (SUSE-SU-2016:1159-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for docker (EulerOS-SA-2016-1016)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Docker and Python as used in IBM QRadar SIEM is vulnerable to various CVEs.

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2016-3697 DESCRIPTION: Docker could allow a local attacker to gain elevated privileges on the system, caused by an error in...

Code injection

util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697...

CVE-2018-9862

util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697...

Moderate: Red Hat Security Advisory: docker security and bug fix update

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Fedora Update for docker FEDORA-2016-6ef52e1fc3

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-3697

libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container...

DEBIAN-CVE-2016-3697

libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container...

KLA10820 Privilege escalation vulnerability in Docker

An improper treating of a numeric UID was found in Docker. By exploiting this vulnerability malicious users can escalate privileges. This vulnerability can be exploited locally via a numeric username in the password file. Technical details This vulnerability is related to libcontainer/user/user.g...

openSUSE Security Update : docker (openSUSE-2016-643)

This update for docker fixes the following issues : Security issues fixed : - CVE-2016-3697: Potential privilege escalation via confusion of usernames and UIDs boo976777 Bugs fixed : - devicemapper: fix zero-sized field access - remove docker-netns-aarch64.patch: This patch was adding We'll fix...

MGASA-2016-0209 Updated docker package fixes CVE-2016-3697

Updated docker packages fix security vulnerability: It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container CVE-2016-3697...

Updated docker package fixes CVE-2016-3697

Updated docker packages fix security vulnerability: It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container CVE-2016-3697...

Moderate: Red Hat Security Advisory: docker security, bug fix, and enhancement update

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

SUSE-SU-2016:1159-1 Security update for docker

docker was updated to fix one security issue. This security issue was fixed: - CVE-2016-3697: Potential privilege escalation via confusion of usernames and UIDs bsc976777...