9264 matches found
Docker Releases Security Updates
Docker versions 1.3.3 and 1.4.0 have been released to address multiple security vulnerabilities, one of which could allow a remote attacker to take control of a vulnerable system. Users and administrators are encouraged to review the Docker Security Advisory and apply the necessary updates. This...
Docker Server Version Detection
Binary data 8596.prm...
Docker Server System Information Detection
Binary data 8597.prm...
Docker Server Detection
Binary data 8595.prm...
Docker Server Image Information Detection (deprecated)
Binary data 8599.prm...
Docker Server Container Information Detection (deprecated)
Binary data 8598.prm...
Critical: docker
Issue Overview: Path traversal attacks are possible in the processing of absolute symlinks. In checking symlinks for traversals, only relative links were considered. This allowed path traversals to exist where they should have otherwise been prevented. This was exploitable via both archive...
docker: symbolic and hardlink issues leading to privilege escalation
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a 1 symlink or 2 hard link attack in an image archive in a a pull or b load operation...
Low: Red Hat Bug Fix Advisory: docker bug fix and enhancement update
An updated docker package that fixes several bugs and adds various enhancements is now available for Red Hat Enterprise Linux 7 Extras. Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually...
docker: Path traversal and spoofing opportunities presented through image identifiers
Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a 1 "docker load" operation or 2 "registry communications."...
openSUSE Security Update : docker (openSUSE-SU-2014:1596-1)
docker was updated to version 1.3.2 to fix two security issues. These security issues were fixed : - Symbolic and hardlink issues leading to privilege escalation CVE-2014-6407. - Potential container escalation CVE-2014-6408. There non-security issues were fixed : - Fix deadlock in docker ps -f...
Security update for docker (important)
docker was updated to version 1.3.2 to fix two security issues. These security issues were fixed: - Symbolic and hardlink issues leading to privilege escalation CVE-2014-6407. - Potential container escalation CVE-2014-6408. There non-security issues were fixed: - Fix deadlock in docker ps -f...
PT-2014-7211 · Docker +1 · Docker +1
Name of the Vulnerable Software and Affected Versions: Docker versions 1.3.0 through 1.3.1 Description: The issue allows remote attackers to modify the default run profile of image containers. This could possibly lead to bypassing the container by applying unspecified security options to an image...
Oracle Linux 6 / 7 : docker (ELSA-2014-3095)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3095 advisory. - Update source to 1.3.2 from https://github.com/docker/docker/releases/tag/v1.3.2 Prevent host privilege escalation from an image extraction...
docker security and bug fix update
1.3.2-1.0.1 - Rename requirement of docker-io-pkg-devel in %package devel as docker-pkg-devel - Restore SysV init scripts for Oracle Linux 6 - Require Oracle Unbreakable Enterprise Kernel Release 3 or higher - Rename as docker. - Re-enable btrfs graphdriver support 1.3.2-1 - Update source to 1.3....
Fedora 21 : docker-io-1.3.2-2.fc21 (2014-15779)
Security fix for CVE-2014-6407, CVE-2014-6408 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
[SECURITY] Fedora 21 Update: docker-io-1.3.2-2.fc21
Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...
Docker 1.3.2 - Security Advisory [24 Nov 2014]
Today, we are releasing Docker 1.3.2 in order to address two critical security issues. This release also includes several bugfixes, including changes to the insecure-registry option. Below are CVE descriptions for the vulnerabilities addressed in this release. Docker 1.3.2 is available immediatel...
Amazon Linux AMI : docker (ALAS-2014-454)
Docker versions 1.3.0 through 1.3.1 allowed security options to be applied to images, allowing images to modify the default run profile of containers executing these images. This vulnerability could allow a malicious image creator to loosen the restrictions applied to a container's processes,...
Critical: docker
Issue Overview: Docker versions 1.3.0 through 1.3.1 allowed security options to be applied to images, allowing images to modify the default run profile of containers executing these images. This vulnerability could allow a malicious image creator to loosen the restrictions applied to a container'...