Amazon Linux AMI : docker (ALAS-2018-1071)

The default OCI Linux spec in oci/defaultslinux.go in Docker/Moby, from 1.11 to current, does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling Bluetooth or turning up/down keyboard brightness.CVE-2018-10892 C Tenable Network Security,...

Docker for Windows Detection (Windows SMB Login)

SMB login-based detection of Docker for Windows. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Docker for Windows Privilege Escalation Vulnerability (Aug 2018)

Docker for Windows is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CLI for Ephemeral Penetration Testing: hideNsneak

This application assists in managing attack infrastructure for penetration testers by providing an interface to rapidly deploy, manage, and take down various cloud services. These include VMs, domain fronting, Cobalt Strike servers, API gateways, and firewalls. hideNsneak provides a simple...

Vulners Scanner - Vulnerability Scanner Based On Vulners.Com Audit API

PoC of a host-based vulnerability scanner, which uses vulners.com API. Detects operating system, collects installed packages and checks vulnerabilities in it. Supported OS Currently support collecting packages for these operating systems: Debian-based debian, kali, ubuntu Rhel-based redhat, cento...

Medium: docker

Issue Overview: The default OCI Linux spec in oci/defaultslinux.go in Docker/Moby, from 1.11 to current, does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling Bluetooth or turning up/down keyboard brightness.CVE-2018-10892 Affected...

Policy Bypass

github.com/twistlock/authz is vulnerable to policy bypass attacks. The vulnerability exists due to the usage of weak regular expressions to control the access of docker commands through URL, allowing policy bypass attacks...

Design/Logic Flaw

HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 edge and before 18.06.0-ce-win72 stable deserialized requests over the \.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users"...

CVE-2018-15514

HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 edge and before 18.06.0-ce-win72 stable deserialized requests over the \.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users"...

CVE-2018-15514

HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 edge and before 18.06.0-ce-win72 stable deserialized requests over the \.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users"...

CVE-2018-15514

HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 edge and before 18.06.0-ce-win72 stable deserialized requests over the \.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users"...

CVE-2018-15514

Docker for Windows is affected by CVE-2018-15514 due to HandleRequestAsync deserialization of untrusted data over the dockerBackend NamedPipe, allowing local privilege escalation to SYSTEM for users in the docker-users group. Affected builds are stable < 18.06.0-ce-win70 and edge

Securing Container Deployments with Qualys

With container adoption booming, security teams must protect the applications that DevOps teams create and deploy using this method of OS virtualization. The security must be comprehensive across the entire container lifecycle, and built into the DevOps pipeline in a way that is seamless and...

Exploit for CVE-2018-11776

S2-057-CVE-2018-11776 A simple exploit for Apache Struts RCE S...

Exploit for CVE-2018-11776

CVE-2018-11776 Docker container and POC exploit written in Go...

Microctfs - Small CTF Challenges Running On Docker

Small CTF challenges running on Docker logviewer Build and Start logviewer challenge exposed on port 8000 cd logviewer docker build -t logviewer . docker run -d -p 8000:80 --name logchallenge logviewer Restart logviewer challenge docker rm -f logchallenge && docker run -d -p 8000:80 --name...

Exploit for CVE-2018-11776

Vulnerable docker container for CVE-2018-11776 docker...

Exploit for CVE-2018-11776

CVE-2018-11776-Python-PoC hook-s3c github.com/hook-s3c, @hoo...

Important Photon OS Security Update - PHSA-2018-0086

Updates of 'python2', 'docker', 'strongswan' packages of Photon OS have been released...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0086

An update of 'docker', 'python2', 'strongswan' packages of Photon OS has been released...