Lucene search

9153 matches found

seebug.org
added 2016/01/13 12:0 a.m., 60 views

docker 1.0.0 docker.socket world accessible

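CVE-2014-3499 docker.socket world accessible. Vulnerability type: design error, local privilege escalation. Vulnerability analysis: Docker 1.0.0 uses a world-readable and world-writable management socket; this design allows local users to gain elevated privileges by writing to the socket. Detailed analysis: in Docker 1.0.0, docker.socket did not restrict read/write permissions on the socket, so any local user could read from and write to it. A local user who writes a crafted malicious request to the socket can have arbitrary code executed with root privileges. Detailed process: in init/systemd, ...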

7.2 CVSS, 8.6 AI score, 0.00393 EPSS
Exploits: 1

The Hacker News
added 2015/12/30 9:27 a.m., 10 views

R.I.P Ian Murdock, Founder of Debian Linux, Dies at 42

Ian Murdock, the founder of the Debian Linux operating system and the creator of apt-get, has passed away. Yes, it is very sad to announce that Ian Murdock is no longer among us. His death has touched the entire software community. He was just 42. The announcement of Murdock's death came out via a blog po...

6.7 AI score
Exploits: 0

Tenable Nessus
added 2015/11/24 12:0 a.m., 28 views

openSUSE Security Update : docker (openSUSE-2015-792)

Docker was updated to version 1.9.0, bringing features and bugfixes bnc954812 : - Runtime : - docker stats now returns block IO metrics 15005 - docker stats now details network stats per interface 15786 - Add ancestor= filter to docker ps --filter flag to filter containers based on their ancestor...

7.5 CVSS, 6.9 AI score, 0.02733 EPSS
Exploits: 0, References: 5

Kitploit
added 2015/11/13 8:12 p.m., 17 views

Codetainer - A Docker Container In Your Browser

codetainer allows you to create code 'sandboxes' you can embed in your web applications (think of it like an OSS clone of codepicnic.com). Codetainer runs as a webservice and provides APIs to create, view, and attach to the sandbox along with a nifty HTML terminal you can interact with the sandbox...

7.2 AI score
Exploits: 0, References: 2

seebug.org
added 2015/10/30 12:0 a.m., 32 views

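Docker Remote API Unauthorized Access

Introduction: When Docker is used with cluster management such as Kubernetes or swarm, the remote API is used to manage the nodes. The remote API's default port is 2375 without authentication and 2376 when TLS authentication is required. By default the remote API can be accessed directly without authentication and can operate Docker directly, for example creating containers, deleting containers, viewing image and container information... For how to use the remote API, see the official Docker documentation. To detect unauthenticated access to the Docker remote API, use curl or open http://ip:2375/info directly in a browser; if JSON is returned, the vulnerability exists, as shown in the figure below. Other reference links...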

7.1 AI score
Exploits: 0

RedHat Linux
added 2015/10/27 6:41 p.m., 41 views

Moderate: Red Hat Security Advisory: kubernetes security update

Updated kubernetes packages that fix one security issue are now available for Red Hat OpenShift Enterprise 3.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.4 CVSS, 7.3 AI score, 0.01797 EPSS
Exploits: 0, References: 2

Tenable Nessus
added 2015/10/19 12:0 a.m., 26 views

openSUSE Security Update : docker (openSUSE-2015-666)

Docker was updated to 1.8.3 to fix two security issues. The following vulnerabilities were fixed : - CVE-2014-8178: layer IDs lead to local graph poisoning boo949660 - CVE-2014-8179: manifest validation and parsing logic errors allow pull-by-digest validation bypass In addition, the following...

7.5 CVSS, 6.6 AI score, 0.02733 EPSS
Exploits: 0, References: 3

OpenVAS
added 2015/10/15 12:0 a.m., 19 views

Oracle: Security Advisory (ELSA-2015-3085)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 6.5 AI score, 0.02733 EPSS
Exploits: 0, References: 2

Tenable Nessus
added 2015/10/15 12:0 a.m., 39 views

Oracle Linux 6 / 7 : docker-engine (ELSA-2015-3085)

The remote Oracle Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2015-3085 advisory. - Fix layer IDs lead to local graph poisoning CVE-2014-8178 - Fix manifest validation and parsing logic errors allow pull-by-digest validation bypa...

7.5 CVSS, 6.8 AI score, 0.02733 EPSS
Exploits: 0, References: 3

OSV
added 2015/10/14 7:53 a.m., 3 views

SUSE-SU-2015:1757-1 Security update for docker

docker was updated to version 1.8.3 to fix two security issues. These security issues were fixed: - CVE-2014-8178: Manipulated layer IDs could have led to local graph poisoning bsc949660. - CVE-2014-8179: Manifest validation and parsing logic errors allowed pull-by-digest validation bypass...

7.5 CVSS, 6.4 AI score, 0.02733 EPSS
Exploits: 0, References: 4

Oracle linux
added 2015/10/14 12:0 a.m., 37 views

docker-engine security update

1.8.3-1.0.1 - Enable configuration of Docker daemon via sysconfig orabug 21804877 - Add documentation files to binary RPM 1.8.3 - Fix layer IDs lead to local graph poisoning CVE-2014-8178 - Fix manifest validation and parsing logic errors allow pull-by-digest validation bypass CVE-2014-8179 - Add...

5 CVSS, 3.8 AI score, 0.02733 EPSS
Exploits: 0

OpenVAS
added 2015/10/06 12:0 a.m., 29 views

Oracle: Security Advisory (ELSA-2014-3095)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 8.1 AI score, 0.04909 EPSS
Exploits: 0, References: 4

OpenVAS
added 2015/10/06 12:0 a.m., 21 views

Oracle: Security Advisory (ELSA-2015-3037)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS, 7.2 AI score, 0.00609 EPSS
Exploits: 0, References: 3

OpenVAS
added 2015/10/06 12:0 a.m., 27 views

Oracle: Security Advisory (ELSA-2014-3110)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10 CVSS, 8.6 AI score, 0.06452 EPSS
Exploits: 0, References: 3

OpenVAS
added 2015/09/18 12:0 a.m., 34 views

openSUSE: Security Advisory for docker (openSUSE-SU-2014:1596-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 7.3 AI score, 0.04909 EPSS
Exploits: 0, References: 1

OSV
added 2015/09/15 6:14 p.m., 5 views

SUSE-RU-2015:1730-1 Recommended update for various Crowbar barclamps and OpenStack components

This update provides fixes and enhancements for various Crowbar barclamps and OpenStack components. crowbar-barclamp-ceilometer: - Do not assume ceilometer-agent-hyperv is listed in elements. bsc937117 crowbar-barclamp-cinder: - Fix hideShow toggle of passwordfield in backends. bsc919963...

5.1 CVSS, 6.3 AI score, 0.01068 EPSS
Exploits: 0, References: 18

n0where
added 2015/09/12 12:1 a.m., 63 views

Multiprotocol Network Emulator – Simulator: IMUNES

IMUNES GUI is a simple Tcl/Tk based management console, allowing for specification and management of virtual network topologies. The emulation execution engine itself operates within the operating system kernel. University of Zagreb developed a realistic network topology emulation / simulation...

7.2 AI score
Exploits: 0, References: 1

OpenVAS
added 2015/09/08 12:0 a.m., 29 views

Amazon Linux: Security Advisory (ALAS-2015-522)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS, 7.2 AI score, 0.00609 EPSS
Exploits: 0, References: 2

OpenVAS
added 2015/09/08 12:0 a.m., 21 views

Amazon Linux: Security Advisory (ALAS-2014-454)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 8.1 AI score, 0.04909 EPSS
Exploits: 0, References: 2

OpenVAS
added 2015/09/08 12:0 a.m., 25 views

Amazon Linux: Security Advisory (ALAS-2015-588)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 9.6 AI score, 0.0937 EPSS
Exploits: 0, References: 4