Executive Summary

Summary
TitleContainer Privilege Escalation Vulnerability Affecting Cisco Products: February 2019
Informations
Namecisco-sa-20190215-runcFirst vendor Publication2019-02-15
VendorCiscoLast vendor Modification2019-02-15
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the Open Container Initiative runc CLI tool used by multiple products could allow an unauthenticated, remote attacker to escalate privileges on a targeted system.

The vulnerability exists because the affected software improperly handles file descriptors related to /proc/self/exe. An attacker could exploit the vulnerability either by persuading a user to create a new container using an attacker-controlled image or by using the docker exec command to attach into an existing container that the attacker already has write access to. A successful exploit could allow the attacker to overwrite the host's runc binary file with a malicious file, escape the container, and execute arbitrary commands with root privileges on the host system.

This advisory will be updated as additional information becomes available.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc"]

BEGIN PGP SIGNATURE

iQJ5BAEBAgBjBQJcZwX4XBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczjzIQANgPqQKnb/GpcNY96DRULjjA0lxO 1HRsYxjpb+DqUECszX6rlzlvjQP4khTiRwGDG6Vnld0CUI5IucHc+XnPLVVa2UzT d7HpneFn2CBdI29oVJPawt3tR8+dHw/WInpTyZTidXp/v2V1zlMdeYjW8PvRr61M PGgrPqm+xo04528daw1/1yyKPoVVTuQB49RtralyvCbSchQlHd23jSYQsL8ycIh +sqDs7Mi9n3HKv+GVYV6vXUNhvMu7a4qUJ5H9fApmcKSxTtyy8Fkrywgd1JASmp+k h+DDx63FDFj/ZLu6rQV5iAbfrW7thID7rshXTZUQ3fP+PiEa/JAZV4wTrsysTtyi H5793cmNXKL/VVOUKhZSL58DS6E0zQrypclcr1w6wTwJI3R1GexsKfWuZlAPP6HO 4es7kHY/5XRH4TPBgrT9ZBDXRJT7XWxhTt62Sb5RjvaRPfhTseh/iGqzwUmtfqIb gWIAUiWqsYb2muTGeNnbTb5lWRuKmOkfe+7zcaajC7P3fRPE3pD61lQeU8om8PiB MGkoipFnJlZ/DqRpKnZxX32ZTlY3fd+wPA1T62JTqhJ3X1I3MBQvDwSKFfEIA2OE VvQd7EkNDX90JSYkrVLXr6n35OietjedPV8ISj5lKqCiXATNoWA34OFMT6xdQ4Hh ZreDQnlAutNJexwH =IMUK END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

%idName
100 %CWE-216Containment Errors (Container Errors)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application35
Application182
Application1
Application1
Application1
Application1
Application8
Application5
Os2
Os2
Os1
Os1

Snort® IPS/IDS

DateDescription
2019-03-19Multiple products runc arbitrary code execution attempt
RuleID : 49195 - Revision : 2 - Type : SERVER-OTHER

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2019-02-20 12:12:09
  • Multiple Updates
2019-02-15 21:18:26
  • First insertion