what you don't know can hurt you

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

CVE-2015-1331

Status Candidate

Overview

lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.

Related Files

Debian Security Advisory 3317-1: Posted Jul 27, 2015; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3317-1 - Several vulnerabilities have been discovered in LXC, the Linux Containers userspace tools.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2015-1331, CVE-2015-1334; SHA-256 | 0c757887b859f350dc7059ceb18c56f376fff07f6d2055c9c9184bfdc54423ec; Download | Favorite | View

Ubuntu Security Notice USN-2675-1: Posted Jul 22, 2015; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2675-1 - Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user. Roman Fiedler discovered that LXC incorrectly trusted the container's proc filesystem to set up AppArmor profile changes and SELinux domain transitions. A local attacker could exploit this flaw to run programs inside the container that are not confined by AppArmor or SELinux. Various other issues were also addressed.; tags | advisory, arbitrary, local, root; systems | linux, ubuntu; advisories | CVE-2015-1331, CVE-2015-1334; SHA-256 | 47dbd7d7a0f2824fa938fc929557064d57f6833f03d5e891f292307fdb4e85b7; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Tags

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,011)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,194)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,437)
UNIX (9,390)
UnixWare (187)
Windows (6,649)
Other

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec