Home Resources Blog Docker Vulnerability Opens Servers to Container Code

Docker Vulnerability Opens Servers to Container Code

Admin Globaldots
31.05.2019
image 1 Min read

A recently discovered vulnerability in the Docker container platform could allow an attacker to gain access to files used by other containers and the host server itself. And, in an unusual progression of events, the vulnerability and exploits have been disclosed before patches are available.

The vulnerability, designated CVE-2018-15664, was discovered by researcher Aleka Sarai. A flaw in the Docker “cp” command, which provides a method for copying a file from the host system to a container, could give an attacker arbitrary read-write access to the host file system with root privileges.

A “race condition” — specifically a “time of check to time of use” (TOCTOU) bug — lies at the heart of the vulnerability. In this case, the problem is that a file path that has been checked for safe and authorized copying conditions can be changed between the time of verification and the time of copying, changed to any file, anywhere on the host server.

Read more: Dark Reading 

Learn More

Cloud Cost Optimization: A Strategic Approach to Business Expansion
Cloud Cost Optimization
Admin Globaldots 18.05.23

FinOps is a strategic framework designed to manage and optimize cloud costs effectively. It’s a transformative approach that brings financial accountability to the forefront of the variable spend model of cloud computing. This model allows businesses to gain a firm grip on their cloud expenses, ensuring that every dollar spent is accounted for and utilized […]

Read more
AWS Data Transfer Cost Optimization: Everything You Need to Know
Cloud Cost Optimization
Admin Globaldots 17.05.23

While AWS services provide a wealth of mission-critical services – storing over 2.2 trillion objects in S3 – many organizations are left floundering in the solution’s complex pricing structures. Spanning transfer types and geographies, data transfer costs can be hugely unpredictable and rapidly get out of hand.  Below, we leverage decades of industry experience to […]

Read more
Real-Life Use Case: Automated K8s Optimization Cuts 91% of FinTech Firm’s Cloud Costs
Cloud Cost Optimization
Admin Globaldots 10.04.23

Containers are the foundation of today’s hyper-agile DevOps landscape. Developers can enjoy the reliability of a single environment to run code, with no unexpected hiccups or changes between testing and production. Segmented applications benefit from faster and more efficient delivery, as each functionality evolves via its own isolated lifecycle. As powerful as the foundation that […]

Read more
Unlock Your Cloud Potential
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Book a Demo