Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
39ea7027de33d3f510ceceb4aa8433e0
Ubuntu Security Notice 3646-2 - USN-3646-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PHP incorrectly handled opcache access controls when configured to use PHP-FPM. A local user could possibly use this issue to obtain sensitive information from another user's PHP applications. Various other issues were also addressed.
ae0a82d9affb22e21c4f389ad7789281
Red Hat Security Advisory 2018-1575-01 - Red Hat JBoss Data Grid is a distributed in-memory data grid, based on Infinispan. This release of Red Hat JBoss Data Grid 7.2.0 serves as a replacement for Red Hat JBoss Data Grid 7.1.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a code execution vulnerability.
88e677ff471651f154acb3728bab8b3a
RS Authentication Manager versions prior to 8.3 P1 suffer from cross site scripting and XML external entity injection vulnerabilities.
64f46f62982ecef4ac4dd6fbab721205
This Metasploit module exploits a vulnerability in Jenkins. An unsafe deserialization bug exists on the Jenkins, which allows remote arbitrary code execution via HTTP. Authentication is not required to exploit this vulnerability.
a3aeb852830fc3dbdd714d7dccd5cd1b
This Metasploit module exploits a remote code execution vulnerability in the Struts Showcase app in the Struts 1 plugin example in Struts 2.3.x series. Remote code execution can be performed via a malicious field value.
354fce33983d17e45d41971c85b42100
This advisory documents proof of concept flows for manipulation the HTML tag injection vulnerability discovered in Signal Desktop. Versions affected include 1.7.1, 1.8.0, 1.9.0, 1.10.0, and 1.10.1.
660bd6347ef764f0453a90d36941066a
Ubuntu Security Notice 3642-2 - USN-3642-1 fixed a vulnerability in DPDK. This update provides the corresponding update for Ubuntu 17.10. Maxime Coquelin discovered that DPDK incorrectly handled guest physical ranges. A malicious guest could use this issue to possibly access sensitive information. Various other issues were also addressed.
b6d4dc201566e27c9e5c69fbb347e159
Ubuntu Security Notice 3649-1 - Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values during migration. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. Cyrille Chatras discovered that QEMU incorrectly handled multiboot. An attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. Various other issues were also addressed.
328c7fe35bf9b4dcb186ccdd37961b7e
MyBB Admin Notes plugin version 1.1 suffers from a cross site request forgery vulnerability.
7d7f773fd053f17acf139e4e91b09a31
VirtueMart version 3.1.14 suffers from a cross site scripting vulnerability.
e4badb4b696a84752a25e2c7846f6caf
Ubuntu Security Notice 3648-1 - Dario Weisser discovered that curl incorrectly handled long FTP server command replies. If a user or automated system were tricked into connecting to a malicious FTP server, a remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 17.10 and Ubuntu 18.04 LTS. Max Dymond discovered that curl incorrectly handled certain RTSP responses. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
61182442578b6aa2ee7114cf2de837a2
Rockwell Scada System version 27.011 suffers from a cross site scripting vulnerability.
77c12966701cd16cfeafb126846ac1d6
Multiplayer BlackJack Online Casino Game version 2.5 suffers from a persistent cross site scripting vulnerability.
820b5f66fc1bdf7f53d42cbc7040ce2b
Horse Market Sell and Rent Port Script version 1.5.7 suffers from a cross site request forgery vulnerability.
d826df440ff29bb5f9a74c3f7a7f6608
Inteno IOPSYS version 2.0 - 4.2.0 p910nd suffers from a remote command execution vulnerability.
f12cc1a1d1f999986c5f4c6d593268a7
vcftools version 0.1.15 suffers from out-of-bounds read, denial of service, buffer overflow, and use-after-free vulnerabilities.
2651784ca5ca6bc6e1c40cc6eaf3dd7e
This Microsoft bulletin summary holds CVE updates for CVE-2018-8147, CVE-2018-8162, and CVE-2018-8176.
0a3d3a672400ee45a917c06494c1b2eb
Debian Linux Security Advisory 4201-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor.
6a2925f0955d67772df80c9d7b10ff00