
9168 matches found

Check Point Advisories
added 2017/06/18 12:0 a.m., 2 views

Marathon UI Docker Command Execution

A command execution vulnerability exists in Marathon UI Docker. The vulnerability is due to improper privilege handling. An attacker can exploit the vulnerability to run code with admin permissions...

3.8 AI score
Exploits: 0
OpenVAS
added 2017/06/14 12:0 a.m., 16 views

Apache Hadoop Privilege Escalation Vulnerability (Jun 2017)

Apache Hadoop is prone to a privilege escalation vulnerability.

8.5 CVSS, 7.2 AI score, 0.01795 EPSS
Exploits: 0, References: 2
n0where
added 2017/06/12 6:13 a.m., 50 views

Domain Name Permutation Engine: dnstwist

Domain name permutation engine for detecting typo squatting, phishing and corporate espionage. See what sort of trouble users can get in trying to type your domain name. Find similar-looking domains that adversaries can use to attack you. Can detect typosquatters,...

0.1 AI score
Exploits: 0, References: 2
Packet Storm
added 2017/06/07 12:0 a.m., 29 views

DC/OS Marathon UI Docker Privilege Escalation

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DC/OS Marathon UI Docker Exploit', 'Description' = %q Utilizing the DCOS Cluster's Marathon UI, an attacker can create a docker container with the...

0.8 AI score
Exploits: 0
0day.today
added 2017/06/07 12:0 a.m., 22 views

DC/OS Marathon UI Docker Privilege Escalation Exploit

Utilizing the DCOS Cluster's Marathon UI, an attacker can create a docker container with the '/' path mounted with read/write permissions on the host server that is running the docker container. As the docker container executes command as uid 0 it is honored by the host operating system allowing...

Exploits: 0
Exploit DB
added 2017/06/07 12:0 a.m., 36 views

DC/OS Marathon UI - Docker (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DC/OS Marathon UI Docker Exploit', 'Description' = %q Utilizing the DCOS Cluster's Marathon UI, an attacker can create a docker container with the...

7.4 AI score
Exploits: 0
Prion
added 2017/06/05 1:29 a.m., 14 views

Input validation

In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enabled, authenticated users can run commands as root...

8.5 CVSS, 7.5 AI score, 0.01795 EPSS
Exploits: 0, References: 2, Affected Software: 1
NVD
added 2017/06/05 1:29 a.m., 21 views

CVE-2017-7669

In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enabled, authenticated users can run commands as root...

8.5 CVSS, 7.6 AI score, 0.01795 EPSS
Exploits: 0, References: 2
OSV
added 2017/06/05 1:29 a.m., 17 views

CVE-2017-7669

In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enabled, authenticated users can run commands as root...

7.5 CVSS, 6.9 AI score
Exploits: 0, References: 2
Cvelist
added 2017/06/02 5:0 p.m., 23 views

CVE-2017-7669

In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enabled, authenticated users can run commands as root...

7.6 AI score, 0.01795 EPSS
Exploits: 0, References: 2
CVE
added 2017/06/02 5:0 p.m., 87 views

CVE-2017-7669

CVE-2017-7669 affects Apache Hadoop where the LinuxContainerExecutor runs docker commands as root when the docker feature is enabled, due to insufficient input validation. Affected versions include Hadoop 2.8.0 and 3.0.0-alpha1/alpha2; authenticated users could execute commands as root. The issue...

8.5 CVSS, 7.5 AI score, 0.01795 EPSS
Exploits: 0, References: 2, Affected Software: 1
Prion
added 2017/05/25 5:29 p.m., 16 views

Design/Logic Flaw

Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container filesystems o...

10 CVSS, 6.9 AI score, 0.01605 EPSS
Exploits: 0, References: 1, Affected Software: 2
OSV
added 2017/05/25 5:29 p.m., 22 views

CVE-2016-0761

Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container filesystems o...

9.8 CVSS, 6.7 AI score, 0.01605 EPSS
Exploits: 0, References: 1
CVE
added 2017/05/25 5:0 p.m., 45 views

CVE-2016-0761

CVE-2016-0761 affects Cloud Foundry Garden-Linux (versions prior to v0.333.0) and Elastic Runtime 1.6.x prior to 1.6.17. The flaw is in how container files are managed during Docker image preparation, which could allow deletion, corruption, or overwriting of host files and directories, including ...

10 CVSS, 9.3 AI score, 0.01605 EPSS
Exploits: 0, References: 1, Affected Software: 2
Cvelist
added 2017/05/25 5:0 p.m., 25 views

CVE-2016-0761

Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container filesystems o...

9.4 AI score, 0.01605 EPSS
Exploits: 0, References: 1
rapid7community
added 2017/05/24 2:9 p.m., 15 views

Modern Network Coverage and Container Security in InsightVM

For a long time, the concept of "infrastructure" remained relatively unchanged: Firewalls, routers, servers, desktops, and so on make up the majority of your network. Yet over the last few years, the tides have begun to shift. Virtualization is now ubiquitous, giving employees tremendous leeway i...

6.8 AI score
Exploits: 0
Kitploit
added 2017/05/22 2:57 p.m., 74 views

Cameradar - An RTSP Surveillance Camera Access Multitool

Cameradar hacks its way into RTSP CCTV cameras. Cameradar allows you to: detect open RTSP hosts on any accessible target; get their public info (hostname, port, camera model, etc.); launch automated dictionary attacks to get their stream route (for example /live.sdp); launch automated dictionary attacks ...

7.2 AI score
Exploits: 0, References: 1
Wallarm Lab
added 2017/05/05 3:28 a.m., 36 views

Is Docker Swarm going to change how we do microservices APIs?

During the DockerCon a couple of weeks ago the new native swarm functionality was one of the highlighted themes. What is a swarm? A swarm is a cluster of Docker engines, or nodes, which acts as an orchestrator, monitor and ingress load balancer for all the services deployed on swarm. The Docker...

7.1 AI score
Exploits: 0
Veracode
added 2017/05/03 8:59 a.m., 26 views

Container Bypass

github.com/docker/docker is vulnerable to container bypass. Attackers are able to edit the default run profile of an image container leading to container bypass through the security options...

5 CVSS, 6.1 AI score, 0.03138 EPSS
Exploits: 0, References: 7, Affected Software: 1
Veracode
added 2017/05/03 8:56 a.m., 20 views

Directory Traversal

github.com/docker/docker is vulnerable to path traversal attacks. These attacks are possible due to a flaw in the processing of absolute symlinks. The flaw allows attackers to use malicious images and builds to write files to the host system and escape containerization, possibly leading to...

8.6 CVSS, 8.5 AI score, 0.04923 EPSS
Exploits: 0, References: 4, Affected Software: 1