
9161 matches found

Hacker One
added 2019/10/22 4:44 p.m., 195 views

Nextcloud: Docker image with FPM is vulnerable to CVE-2019-11043

The CVE-2019-11043 vulnerability can be exploited in the latest nextcloud:fpm image. This is due to the specific nginx configuration recommended for nextcloud: https://github.com/nextcloud/dockerbase-version---fpm...

7.5 CVSS, 0.2 AI score, 0.9947 EPSS
Exploits: 54

Kitploit
added 2019/10/21 9:0 p.m., 98 views

Snare - Super Next Generation Advanced Reactive honEypot

SNARE (Super Next generation Advanced Reactive honEypot) is a web application honeypot sensor attracting all sorts of maliciousness from the Internet. Basic Concepts: Surface first. Focus...

6.7 AI score
Exploits: 0, References: 2

Qualys Blog
added 2019/10/17 2:0 p.m., 60 views

Graboid: Revenge of the Worms

This week saw news of self-propagating worms in the container landscape to perform unsanctioned computation tasks such as cryptojacking. This blog post is intended for Qualys customers and partners to understand how such container attacks work, provide security best practice recommendations &...

10 CVSS, 9.6 AI score, 0.06263 EPSS
Exploits: 2

Gitee
added 2019/10/16 5:5 p.m., 6 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The target product/service or framework is docker and docker-compose. The vulnerability class/vector is not explicitly stated, but the environments are designed to be vulnerable to various attacks. The probable entry...

7.2 AI score
Exploits: 0

ThreatPost
added 2019/10/16 3:28 p.m., 95 views

Docker Containers Riddled with Graboid Crypto-Worm

The Docker cloud containerization technology is the target for a just-discovered cryptojacking worm dubbed Graboid. According to researchers at Palo Alto’s Unit 42, the worm, which looks to mine the Monero cryptocurrency, has infected more than 2,000 unsecured Docker Engine Community Edition host...

7.3 AI score
Exploits: 0, References: 6

RedHat Linux
added 2019/10/16 9:7 a.m., 3 views

docker: command injection due to a missing validation of the git ref command

A command injection flaw was discovered in Docker during the docker build command. By providing a specially crafted path argument for the container to build, it is possible to inject command options to the git fetch/git checkout commands that are executed by Docker and to execute code with the...

8.4 CVSS, 7.6 AI score, 0.01945 EPSS
Exploits: 1, References: 4

RedHat Linux
added 2019/10/16 9:7 a.m., 5 views

Moderate: Red Hat Bug Fix Advisory: docker bug fix update

Updated docker package that fixes two bugs is now available for Red Hat Enterprise Linux 7 Extras. Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere. The docker package contains docke...

8.4 CVSS, 6.8 AI score, 0.01945 EPSS
Exploits: 1, References: 1

BDU FSTEC
added 2019/10/16 12:0 a.m., 2 views

The vulnerability of the automation tool for deploying and managing applications in Docker-based environments, related to the disclosure of information through registration files, allows a malicious actor to gain unauthorized access to this information.

The vulnerability of the automation tool for deploying and managing applications in Docker-enabled environments is related to the disclosure of information through registration files. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to...

7.5 CVSS, 7.2 AI score, 0.03653 EPSS
Exploits: 0, References: 7, Affected Software: 4

BDU FSTEC
added 2019/10/16 12:0 a.m., 4 views

The vulnerability of the automation tools for deploying and managing applications in Docker-enabled environments relates to errors in code generation. This allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.

The vulnerability of the automation tool for deploying and managing applications in Docker-enabled environments is related to errors in code generation during dynamic library loading. Exploiting this vulnerability can allow a malicious actor to compromise data integrity, gain unauthorized access ...

10 CVSS, 7.3 AI score, 0.18828 EPSS
Exploits: 3, References: 5, Affected Software: 3

BDU FSTEC
added 2019/10/16 12:0 a.m., 1 views

The vulnerability of the docker build mechanism, a tool for automating the deployment and management of applications in containerized environments, allows an attacker to gain unauthorized access to information, cause service failures, or affect the availability of information.

The vulnerability of the docker build mechanism, a tool for automating the deployment and management of applications in containerized environments, is related to insufficient testing of arguments passed in commands. Exploiting this vulnerability can allow attackers to gain unauthorized access to...

8.4 CVSS, 7.5 AI score, 0.01945 EPSS
Exploits: 1, References: 6, Affected Software: 3

0day.today
added 2019/10/15 12:0 a.m., 67 views

Podman & Varlink 1.5.1 - Remote Code Execution Exploit

Exploit Title: Podman & Varlink 1.5.1 - Remote Code Execution Exploit; Author: Jeremy Brown; Date: 2019-10-15; Vendor Homepage: https://podman.io/; Software Link: dnf install podman or https://github.com/containers/libpod/releases; Version: 1.5.1; Tested on: Fedora Server 30; !/usr/bin/python -- coding:...

7.4 AI score
Exploits: 0

exploitpack
added 2019/10/15 12:0 a.m., 31 views

Podman Varlink 1.5.1 - Remote Code Execution

Exploit Title: Podman & Varlink 1.5.1 - Remote Code Execution Exploit; Author: Jeremy Brown; Date: 2019-10-15; Vendor Homepage: https://podman.io/; Software Link: dnf install podman or https://github.com/containers/libpod/releases; Version: 1.5.1; Tested on:...

0.3 AI score
Exploits: 0

Hacker One
added 2019/10/14 9:45 p.m., 97 views

QIWI: Sensitive information disclosure in composer.lock and docker-compose.yml

Sensitive information disclosure in composer.lock and docker-compose.yml i die ...

0.6 AI score
Exploits: 0

CNVD
added 2019/10/14 12:0 a.m., 2 views

CloudBees Jenkins CloudShare Docker-Machine Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. The product is mainly used to monitor continuous software version release/testing projects and some timed tasks. CloudShare Docker-Machine Plugin is used in one of the plugin for building and...

8.8 CVSS, 6.9 AI score, 0.01377 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2019/10/13 8:7 p.m., 43 views

CVE-2019-16884

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...

7.5 CVSS, 3.3 AI score, 0.04373 EPSS
Exploits: 1, References: 3

OSV
added 2019/10/11 3:7 p.m., 3 views

SUSE-SU-2019:1368-2 Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root

This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues: - CVE-2019-5021: Include an invalidated root password by default, not an empty one bsc1134524...

10 CVSS, 9.6 AI score, 0.06263 EPSS
Exploits: 2, References: 3

Gitee
added 2019/10/11 12:3 a.m., 6 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not explicitly stated, but the repository contains various vulnerable environments and exploits for different vulnerabilities, including CVE-2016-9086, CVE-2017-1000353, and CVE-2018-1000006. The...

9.8 CVSS, 8.2 AI score, 0.99686 EPSS
Exploits: 53

Kitploit
added 2019/10/08 12:30 p.m., 149 views

box.js - A Tool For Studying JavaScript Malware

A utility to analyze malicious JavaScript. Installation Simply install box-js from npm: npm install box-js --global Usage Looking to use box-js with Cuckoo? Use cuckoo-package.py as an analysis package. Let's say you have a sample called sample.js: to analyze it, simply run box-js sample.js Chanc...

7.2 AI score
Exploits: 0, References: 8

Kitploit
added 2019/10/06 8:40 p.m., 107 views

Tarnish - A Chrome Extension Static Analysis Tool To Help Aide In Security Reviews

tarnish is a static-analysis tool to aid researchers in security reviews of Chrome extensions. It automates much of the regular grunt work and helps you quickly identify potential security vulnerabilities. This tool accompanies the research blog post which can be found here. If you don't want to ...

7 AI score
Exploits: 0, References: 1

Gitee
added 2019/10/05 6:47 p.m., 5 views

vulhub

It is an offensive tool for Vulnerability Research and Training. The repository, vulhub, contains pre-built vulnerable environments based on Docker-Compose. The primary vulnerability is not explicitly stated, but the repository includes various vulnerable environments, such as Flask SSTI, Apache...

6.8 AI score
Exploits: 0