
9168 matches found

CVE
added 2017/04/04 12:0 a.m. | 52 views

CVE-2017-7412

NixOS 17.03 before 17.03.887 is affected by CVE-2017-7412 due to a world-writable Docker socket, enabling local privilege escalation by any user operating docker commands. Root cause: insecure socket permissions. Impact: local privilege elevation with full system access (as described in NVD/CNVD/...

7.8 CVSS | 7.6 AI score | 0.00363 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Prion
added 2017/03/24 7:59 a.m. | 14 views

Code injection

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

4.3 CVSS | 5.7 AI score | 0.01589 EPSS
Exploits: 0 | References: 5 | Affected Software: 3

NVD
added 2017/03/24 7:59 a.m. | 24 views

CVE-2017-6507

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

5.9 CVSS | 5.7 AI score | 0.01589 EPSS
Exploits: 0 | References: 5

Cvelist
added 2017/03/24 6:56 a.m. | 22 views

CVE-2017-6507

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

6 AI score | 0.01589 EPSS
Exploits: 0 | References: 5

UbuntuCve
added 2017/03/24 12:0 a.m. | 21 views

CVE-2017-6507

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

5.9 CVSS | 6.5 AI score | 0.01589 EPSS
Exploits: 0 | References: 2

n0where
added 2017/03/20 6:22 p.m. | 22 views

SSH Configuration & Policy Scanner: ssh_scan

SSH Configuration & Policy Scanner. SSH, or secure shell, is a secure protocol and the most common way of safely administering remote servers. Using a number of encryption technologies, SSH provides a mechanism for establishing a cryptographically secured connection between two parties,...

7.6 AI score
Exploits: 0 | References: 1

GithubExploit
added 2017/03/15 12:19 a.m. | 4 views

Exploit for Improper Handling of Exceptional Conditions in Apache Struts

cve-2017-5638 cve-2017-5638 Vulnerable site sample This proje...

10 CVSS | 9.6 AI score | 0.99999 EPSS
Exploits: 44

n0where
added 2017/03/09 5:39 a.m. | 17 views

Docker Security Analysis Tools: dockerscan

Docker Security Analysis Tools. Currently Docker Scan supports these actions: Registry: Delete (delete remote image / tag), Info (show info from remote registry), Push (push an image like the Docker client), Upload (upload a random file); Image: Analyze (looking for sensitive information in a Docker image)...

1.4 AI score
Exploits: 0 | References: 1

Metasploit
added 2017/03/03 2:56 p.m. | 10 views

DC/OS Marathon UI Docker Exploit

Utilizing the DCOS Cluster's Marathon UI, an attacker can create a docker container with the '/' path mounted with read/write permissions on the host server that is running the docker container. As the docker container executes command as uid 0 it is honored by the host operating system allowing...

10 AI score
Exploits: 0

OSV
added 2017/02/08 10:59 p.m. | 3 views

CVE-2016-8954

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...

9.8 CVSS | 5.8 AI score
Exploits: 0 | References: 2

Prion
added 2017/02/08 10:59 p.m. | 11 views

Hardcoded credentials

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...

7.5 CVSS | 7.2 AI score | 0.02403 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 2017/02/08 10:59 p.m. | 16 views

CVE-2016-8954

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...

9.8 CVSS | 9.5 AI score | 0.02403 EPSS
Exploits: 0 | References: 2

Cvelist
added 2017/02/08 10:0 p.m. | 19 views

CVE-2016-8954

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...

9.6 AI score | 0.02403 EPSS
Exploits: 0 | References: 2

OSV
added 2017/02/06 2:38 p.m. | 4 views

SUSE-SU-2017:1964-1 Security update for containerd, docker, runc

This update for - containerd - docker to 1.12.6 - runc fixes the two issues. This security issue was fixed: - CVE-2016-9962: A difficult to exploit race condition caused by passing a file descriptor from the host's filesystem into the container could have allowed the guest to escape (bsc1012568). Fo...

6.4 CVSS | 6.5 AI score | 0.00358 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2017/02/01 12:0 a.m. | 43 views

openSUSE Security Update : containerd / docker / runc (openSUSE-2017-181)

This update for - containerd, - docker to version 1.12.6 and - runc fixes several issues. This security issue was fixed: - CVE-2016-9962: container escape vulnerability (bsc1012568). These non-security issues were fixed: - boo1019251: Add a delay when starting docker service - Fixed...

6.4 CVSS | 6.7 AI score | 0.00358 EPSS
Exploits: 0 | References: 8

Kitploit
added 2017/01/31 1:30 p.m. | 30 views

OWASP Security Knowledge Framework - An expert system application that uses OWASP Application Security Verification Standard

Security Knowledge Framework is an expert system application that uses OWASP Application Security Verification Standard and code examples, and helps developers in pre-development and post-development. Introduction: Our experience taught us that the current level of security the current web-applications...

7.6 AI score
Exploits: 0 | References: 1

Kitploit
added 2017/01/28 8:7 p.m. | 34 views

OWASP Security Shepherd - Web And Mobile Application Security Training Platform

The OWASP Security Shepherd Project is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic. The aim of this project is to take AppSec novices or experienced engineers and sharpen...

7.2 AI score
Exploits: 0 | References: 3

Kitploit
added 2017/01/25 2:30 p.m. | 22 views

passfault - OWASP Passfault evaluates passwords and enforces password policy in a completely different way

Objective: Do Passwords Better! Running the Command-line Interface: 1. install java 2. cd core 3. gradlew installDist 4. run build/install/core/bin/core Running the jsonWebService: 1. cd jsonService 2. gradlew build jettyRunWar 3. browse to localhost:8080/jsonService Note the war will be located ...

7.3 AI score
Exploits: 0 | References: 1

Tenable Nessus
added 2017/01/23 12:0 a.m. | 37 views

Fedora 24 : 2:docker-latest (2017-c2c2d1be16)

Fix CVE-2016-9962 - Insecure opening of file-descriptor allows privilege escalation ---- built docker @projectatomic/docker-1.12 commit 6009905 ---- built docker @projectatomic/docker-1.12 commit 97974ae ---- built docker @projectatomic/docker-1.12 commit 7b5044b Note that Tenable Network Securit...

6.4 CVSS | 6.8 AI score | 0.00358 EPSS
Exploits: 0 | References: 2

OpenVAS
added 2017/01/21 12:0 a.m. | 26 views

Fedora Update for docker-latest FEDORA-2017-c2c2d1be16

The remote host is missing an update for the ...

6.4 CVSS | 6.8 AI score | 0.00358 EPSS
Exploits: 0 | References: 2