Test ID:	1.3.6.1.4.1.25623.1.0.122713
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2015-3085)
Summary:	The remote host is missing an update for the 'docker-engine' package(s) announced via the ELSA-2015-3085 advisory.
Description:	Summary: The remote host is missing an update for the 'docker-engine' package(s) announced via the ELSA-2015-3085 advisory. Vulnerability Insight: [1.8.3-1.0.1] - Enable configuration of Docker daemon via sysconfig [orabug 21804877] - Add documentation files to binary RPM [1.8.3] - Fix layer IDs lead to local graph poisoning (CVE-2014-8178) - Fix manifest validation and parsing logic errors allow pull-by-digest validation bypass (CVE-2014-8179) - Add --disable-legacy-registry to prevent a daemon from using a v1 registry Affected Software/OS: 'docker-engine' package(s) on Oracle Linux 6, Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8178 http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00014.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00036.html https://github.com/docker/docker/blob/master/CHANGELOG.md#183-2015-10-12 https://groups.google.com/forum/#%21msg/docker-dev/bWVVtLNbFy8/UaefOqMOCAAJ https://www.docker.com/legal/docker-cve-database Common Vulnerability Exposure (CVE) ID: CVE-2014-8179 https://blog.docker.com/2015/10/security-release-docker-1-8-3-1-6-2-cs7/
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.