Want more timely Centmin Mod News Updates?
Become a Member

Security Unpatched Flaw Affects All Docker Versions (time-to-check-time-to-use (TOCTOU))

Discussion in 'All Internet & Web Performance News' started by eva2000, May 30, 2019.

Tags:
  1. eva2000

    eva2000 Administrator Staff Member

    41,064
    9,174
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,079
    Local Time:
    8:00 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    A time-to-check-time-to-use (TOCTOU) attack affects all Docker versions and could give an attacker both read and write access to any file on the host system !

    From oss-sec: CVE-2018-15664: docker (all versions) is vulnerable to a symlink-race attack