Showing 1 - 1 of 1

CVE-2016-3708

Status Candidate

Overview

Red Hat OpenShift Enterprise 3.2, when multi-tenant SDN is enabled and a build is run in a namespace that would normally be isolated from pods in other namespaces, allows remote authenticated users to access network resources on restricted pods via an s2i build with a builder image that (1) contains ONBUILD commands or (2) does not contain a tar binary.

Related Files

Red Hat Security Advisory 2016-1094-01: Posted May 20, 2016; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2016-1094-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: A vulnerability was found in the STI build process in OpenShift Enterprise. Access to STI builds was not properly restricted, allowing an attacker to use STI builds to access the Docker socket and escalate their privileges.; tags | advisory; systems | linux, redhat; advisories | CVE-2016-3703, CVE-2016-3708, CVE-2016-3738; SHA-256 | 9e7713afc2bf16c384a8dc63fbb0d707a04f446cb1f6dae65f1062ccd48021c2; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 202 files
indoushka 108 files
Ubuntu 82 files
Gentoo 36 files
Jasper Nota 25 files
Willem Westerhof 19 files
Debian 18 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,100)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,789)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,546)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,754)
UNIX (9,437)
UnixWare (187)
Windows (6,674)
Other

CVE-2016-3708

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems