oss-sec mailing list archives

Re: headintheclouds tmp vulns - also request for referees decision on tmp vulns in deployment tools

From: cve-assign () mitre org
Date: Tue, 9 Sep 2014 10:24:51 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

there shouldn't be any users on the docker image while it's being
deployed (or indeed any software pretty much at all)

it is a pretty blatant tmp vuln


It's missing one of the essential characteristics of a vulnerability:
an attack that crosses privilege boundaries.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJUDw0YAAoJEKllVAevmvmslxIH/0WJOQfMGT0U9aBjL+xD9p10
Ym7mFPXVEpP4joqhj+t5rqZrw8TXtl8hIAeprwVyRG4Lk2ZgcMfRbje3JRWc0wj6
qHcZAFzIwDiKBWel9ttlQDAL4ZXQbUoNxMiRMdTYS8Ohmvx6aWpxARw8QJuahPpz
80gkSInRkdcJJigUGkNnrCxhIL2UgNRGIJ8X5zxqZDiXEI+dSJ0tCL+Z8g254NAk
AxyONOJvq/QQcbb4sqlgUUsm+DzmqsqpriBjpwvXsMqPg29ihEWw1mJ1ZqxOZVWv
XtC3FfoJrtVO3/VcChMgaDVfUNEN8w2qTo6iiMpoHW7enWBU3+6LI2P0lv5rGgo=
=+c+S
-----END PGP SIGNATURE-----

Current thread:

headintheclouds tmp vulns - also request for referees decision on tmp vulns in deployment tools Kurt Seifried (Sep 08)
- Re: headintheclouds tmp vulns - also request for referees decision on tmp vulns in deployment tools cve-assign (Sep 09)