In Docker up to and including 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
docker docker 17.06.2-ce |
||
docker docker 17.07.0-ce |
||
docker docker 17.06.0-ce |
||
docker docker 17.09.0-ce |
||
docker docker 17.09.1-ce- |
||
docker docker 17.12.0-ce |
||
docker docker 17.12.1-ce |
||
docker docker 18.03.1-ce |
||
docker docker 18.04.0-ce |
||
docker docker 18.05.0-ce |
||
docker docker 17.06.1-ce |
||
docker docker 17.09.1-ce |
||
docker docker 17.10.0-ce |
||
docker docker 18.01.0-ce |
||
docker docker 18.02.0-ce |
||
docker docker 18.03.0-ce |
||
docker docker 18.06.0-ce |
||
docker docker 17.11.0-ce |
||
docker docker 18.06.1-ce |
This month the vendor has patched 77 vulnerabilities, 16 of which are rated Critical.
Posted: 10 Jul, 201922 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – July 2019This month the vendor has patched 77 vulnerabilities, 16 of which are rated Critical.As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all software with the least privileges required while still maintaining functionality. Avoid h...
Meanwhile, Adobe gives Flash the month off. SAP emits fixes, though Huawei website ████ ██████ security flaws ██████ customer info and biz operations at risk: ███████ patched
Patch Tuesday Summer is now firmly upon us, and depending on where you are, the weather could be just about anything from stupidly hot to unbearably wet and cold right now given the state of the climate. Well, anyway, Microsoft, Adobe, and SAP have dropped the July editions of their monthly security updates, so there's at least one storm to weather. How's that for a silky smooth transition? For Microsoft, July brings fixes for a total of 78 CVE-listed vulnerabilities. Among the more serious flaw...
Tricky to exploit in the real world, which is good because no official fix is available yet Docker made itself popular with devs. Now it has to make itself essential for biz. But how? Ah ha! Pay-as-you-go enterprise features
A vulnerability in all versions of Docker can be potentially exploited by miscreants to escape containers' security protections, and read and write data on host machines, possibly leading to code execution. This is according to senior SUSE software engineer Aleksa Sarai, who said the flaw is a race condition bug in which a file path is changed after it has been checked as valid, and, crucially, before it is used. The flaw, designated CVE-2018-15664, can be, in certain circumstances, abused to re...