forked from bijoy26/cis-devsecops-poc
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.vuln
More file actions
24 lines (21 loc) Β· 796 Bytes
/
Dockerfile.vuln
File metadata and controls
24 lines (21 loc) Β· 796 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
FROM ubuntu:bionic-20180426
ENV DEBIAN_FRONTEND="noninteractive"
# source: @SamP10/VulnerableDockerfile
#Install dependencies
RUN apt-get update && apt-get upgrade -y
#Curl Vulnerability https://www.cvedetails.com/cve/CVE-2018-1000300/
RUN apt-get install -y curl && \
#GIT Vulnerability CVE https://www.cvedetails.com/cve/CVE-2018-17456/
apt-get install -y git && \
#OpenSSH Vulnerability https://www.cvedetails.com/cve/CVE-2018-15473/
apt-get install -y openssh-server && \
#Installation of ftp server
apt-get install -y proftpd
COPY ./userfiles/shadow /etc/shadow
COPY ./userfiles/passwd /etc/passwd
RUN chmod o-rwx /etc/shadow
RUN chmod o-rwx /etc/passwd
COPY ./user-data-ftp/ /home/
COPY ./sshd_config /etc/ssh/sshd_config
RUN service ssh start
CMD ["proftpd", "--nodaemon"]