The remote NewStart CGSL host, running version MAIN 6.06 (SP), has docker-ce packages installed that are affected by multiple vulnerabilities:

  - runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite     the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a     command as root within one of these types of containers: (1) a new container with an attacker-controlled     image, or (2) an existing container, to which the attacker previously had write access, that can be     attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
    (CVE-2019-5736)

  - Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0,     17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a     Denial of Service via a crafted image layer payload, aka gzip bombing. (CVE-2017-14992)

  - The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block     /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are     used) by leveraging Docker container access to write a scsi remove-single-device line to     /proc/scsi/scsi, aka SCSI MICDROP. (CVE-2017-16539)

  - libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than     ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall     arguments could bypass intended access restrictions by specifying a single matching argument.
    (CVE-2017-18367)

  - The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block     /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling     bluetooth or turning up/down keyboard brightness. (CVE-2018-10892)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

NewStart CGSL MAIN 6.06 (SP) : docker-ce Multiple Vulnerabilities (NS-SA-2026-0011)

high Nessus Plugin ID 301190

Version 1.2