Test Kennung:	1.3.6.1.4.1.25623.1.0.112987
Kategorie:	Privilege escalation
Titel:	Docker < 1.3.2 Privilege Escalation Vulnerability
Zusammenfassung:	Docker is prone to a privilege escalation vulnerability.
Beschreibung:	Summary: Docker is prone to a privilege escalation vulnerability. Vulnerability Insight: The Docker engine is vulnerable to extracting files to arbitrary paths on the host during 'docker pull' and 'docker load' operations. This was caused by symlink and hardlink traversals present in Docker's image extraction. Vulnerability Impact: This vulnerability could be leveraged to perform remote code execution and privilege escalation. Affected Software/OS: Docker prior to version 1.3.2. Solution: Update to version 1.3.2 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-6407 http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145154.html http://www.openwall.com/lists/oss-security/2014/11/24/5 http://secunia.com/advisories/60171 http://secunia.com/advisories/60241 SuSE Security Announcement: openSUSE-SU-2014:1596 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00009.html
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.