ID de Prueba:	1.3.6.1.4.1.25623.1.0.112987
Categoría:	Privilege escalation
Título:	Docker < 1.3.2 Privilege Escalation Vulnerability
Resumen:	Docker is prone to a privilege escalation vulnerability.
Descripción:	Summary: Docker is prone to a privilege escalation vulnerability. Vulnerability Insight: The Docker engine is vulnerable to extracting files to arbitrary paths on the host during 'docker pull' and 'docker load' operations. This was caused by symlink and hardlink traversals present in Docker's image extraction. Vulnerability Impact: This vulnerability could be leveraged to perform remote code execution and privilege escalation. Affected Software/OS: Docker prior to version 1.3.2. Solution: Update to version 1.3.2 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-6407 http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145154.html http://www.openwall.com/lists/oss-security/2014/11/24/5 http://secunia.com/advisories/60171 http://secunia.com/advisories/60241 SuSE Security Announcement: openSUSE-SU-2014:1596 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00009.html
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.