Information Leakage

docker-modem is vulnerable to information leakage. The optionf variable in the function Modem.prototype.dial is not properly handled and used in the buildRequest function, causing a leakage of header information which may contain confidential information...

Security Bulletin: IBM Cloud Automation Manager is affected by an issue with Docker 19.03.x before 19.03.1.

Summary IBM Cloud Automation Manager Advanced Content Runtime is affected by an issue in docker 19.03.x before 19.03.1 described in CVE-2019-14271. If you have docker 19.03.x before 19.03.1 installed on your advanced content runtime system, then upgrade to 19.03.1 or higher. Vulnerability Details...

FudgeC2 - A Collaborative C2 Framework For Purple-Teaming Written In Python3, Powershell And .NET

FudgeC2 is a campaign orientated Powershell C2 framework built on Python3/Flask - Designed for team collaboration, client interaction, campaign timelining, and usage visibility. Note: FudgeC2 is currently in alpha stage, and should be used with caution in non-test environments. Setup Installation...

SUSE-SU-2019:2400-1 Security update for python-Werkzeug

This update for python-Werkzeug fixes the following issues: Security issue fixed: - CVE-2019-14806: Fixed the development server in Docker, the debugger security pin is now unique per container bsc1145383...

openSUSE Security Update : python-Werkzeug (openSUSE-2019-2145)

This update for python-Werkzeug fixes the following issues : Security issue fixed : - CVE-2019-14806: Fixed the development server in Docker, the debugger security pin is now unique per container bsc1145383. This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Networ...

OPENSUSE-SU-2019:2145-1 Security update for python-Werkzeug

This update for python-Werkzeug fixes the following issues: Security issue fixed: - CVE-2019-14806: Fixed the development server in Docker, the debugger security pin is now unique per container bsc1145383. This update was imported from the SUSE:SLE-15-SP1:Update update project...

Security update for python-Werkzeug (moderate)

openSUSE Security Update: Security update for python-Werkzeug Announcement ID: openSUSE-SU-2019:2145-1 Rating: moderate References: 1145383 Cross-References: CVE-2019-14806 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

Semmle: Worker container escape lead to arbitrary file reading in host machine

Summary: Because lack of security, attacker will be able to remove original log file and replace it will a symlink to other file, After finishing job, host machine copy file from docker container. Because the original log file has been removed, the host machine will copy the symlink file. But the...

MGASA-2019-0269 Updated docker packages fix security vulnerability

Updated docker packages fix security vulnerability: Jasiel Spelman discovered that a double free existed in the docker-credential-helpers bundled in Docker. A local attacker could use this to cause a denial of service crash or possibly execute arbitrary code CVE-2019-1020014...

Updated docker packages fix security vulnerability

Updated docker packages fix security vulnerability: Jasiel Spelman discovered that a double free existed in the docker-credential-helpers bundled in Docker. A local attacker could use this to cause a denial of service crash or possibly execute arbitrary code CVE-2019-1020014...

SUSE-SU-2019:2365-1 Security update for python-Werkzeug

This update for python-Werkzeug fixes the following issues: Security issue fixed: - CVE-2019-14806: Fixed the development server in Docker, the debugger security pin is now unique per container bsc1145383...

SUSE-SU-2019:2358-1 Security update for python-Werkzeug

This update for python-Werkzeug fixes the following issues: Security issue fixed: - CVE-2019-14806: Fixed the development server in Docker, the debugger security pin is now unique per container bsc1145383...

openSUSE Security Update : python-Werkzeug (openSUSE-2019-2118)

This update for python-Werkzeug fixes the following issues : Security issue fixed : - CVE-2019-14806: Fixed the development server in Docker, the debugger security pin is now unique per container bsc1145383. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 ...

Botb - A Container Analysis And Exploitation Tool For Pentesters And Engineers

BOtB is a container analysis and exploitation tool designed to be used by pentesters and engineers while also being CI/CD friendly with common CI/CD technologies. What does it do? BOtB is a CLI tool which allows you to: Exploit common container vulnerabilities Perform common container post...

OPENSUSE-SU-2019:2118-1 Security update for python-Werkzeug

This update for python-Werkzeug fixes the following issues: Security issue fixed: - CVE-2019-14806: Fixed the development server in Docker, the debugger security pin is now unique per container bsc1145383. This update was imported from the SUSE:SLE-15:Update update project...

Security update for python-Werkzeug (moderate)

openSUSE Security Update: Security update for python-Werkzeug Announcement ID: openSUSE-SU-2019:2118-1 Rating: moderate References: 1145383 Cross-References: CVE-2019-14806 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for...

Open Sourcing StringSifter

Malware analysts routinely use the Strings program during static analysis in order to inspect a binary's printable characters. However, identifying relevant strings by hand is time consuming and prone to human error. Larger binaries produce upwards of thousands of strings that can quickly evoke...

Mondoo - Cloud-Native Security And Vulnerability Risk Management

Quick Start Install mondoo: Workstation export MONDOOREGISTRATIONTOKEN='changeme' curl -sSL http://mondoo.io/download.sh | bash Service export MONDOOREGISTRATIONTOKEN='changeme' curl -sSL http://mondoo.io/install.sh | bash For other installation methods, have a look at our documentation. Run a...

SUSE-SU-2019:2308-1 Security update for python-Werkzeug

This update for python-Werkzeug fixes the following issues: Security issue fixed: - CVE-2019-14806: Fixed the development server in Docker, the debugger security pin is now unique per container bsc1145383...

openSUSE Security Update : podman / slirp4netns and libcontainers-common (openSUSE-2019-2044)

This is a version update for podman to version 1.4.4 bsc1143386. Additional changes by SUSE on top : - Remove fuse-overlayfs because it's currently an unsatisfied dependency on SLE bsc1143386 - Update libpod.conf to use correct infracommand - Update libpod.conf to use better versioned pause...