Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
d65010874489d225c3085afcb787f78f9d1021517611e74b4c0c5f2a43ca639c
Ubuntu Security Notice 3646-2 - USN-3646-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PHP incorrectly handled opcache access controls when configured to use PHP-FPM. A local user could possibly use this issue to obtain sensitive information from another user's PHP applications. Various other issues were also addressed.
c40611a08b9ad45b2b520e451e6127c9a498e306b6b3a0882f04bb854dc3cdba
Red Hat Security Advisory 2018-1575-01 - Red Hat JBoss Data Grid is a distributed in-memory data grid, based on Infinispan. This release of Red Hat JBoss Data Grid 7.2.0 serves as a replacement for Red Hat JBoss Data Grid 7.1.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a code execution vulnerability.
eefacd58973e083e2b8d73c6d05852e46101ca410b50d120d92f260a110f6dec
RSA Authentication Manager versions prior to 8.3 P1 suffer from cross site scripting and XML external entity injection vulnerabilities.
5f29168627fcfedc466452591465cb7af5ada25e7ef720e7bc61f4c518a48f91
This Metasploit module exploits a vulnerability in Jenkins. An unsafe deserialization bug exists in Jenkins, which allows remote arbitrary code execution via HTTP. Authentication is not required to exploit this vulnerability.
e113d2fe31f57558b68a1a915f47f25319abff18ad6045ed75023442be7953d9
This Metasploit module exploits a remote code execution vulnerability in the Struts Showcase app in the Struts 1 plugin example in Struts 2.3.x series. Remote code execution can be performed via a malicious field value.
3343992f21f9ecb6b543f0313f63aef8d719b76b47b30afb63b5c6f1d0f8fd45
This advisory documents proof of concept flows for manipulating the HTML tag injection vulnerability discovered in Signal Desktop. Versions affected include 1.7.1, 1.8.0, 1.9.0, 1.10.0, and 1.10.1.
5f9aa1e1147648a40479bc5b43a72f60f8b6d73aedadd62e3613fc7f5288b2b5
Ubuntu Security Notice 3642-2 - USN-3642-1 fixed a vulnerability in DPDK. This update provides the corresponding update for Ubuntu 17.10. Maxime Coquelin discovered that DPDK incorrectly handled guest physical ranges. A malicious guest could use this issue to possibly access sensitive information. Various other issues were also addressed.
8fe532f8353f1e5421bd17706a5c37467d8b0cdab55cefe5959ae68270a446a3
Ubuntu Security Notice 3649-1 - Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values during migration. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. Cyrille Chatras discovered that QEMU incorrectly handled multiboot. An attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. Various other issues were also addressed.
8d1fd8f5895618b90cefbd95f981ed47f49cbe3e49a20efeeb784bd6ffd48c02
MyBB Admin Notes plugin version 1.1 suffers from a cross site request forgery vulnerability.
952232605182b365a339a5cdd29595985f7168aa2d08d594d049fad27ea284f3
VirtueMart version 3.1.14 suffers from a cross site scripting vulnerability.
24e565c56c7f31f667c33aabf50e2f39ba1136a0136ce807c5f7254893fc8270
Ubuntu Security Notice 3648-1 - Dario Weisser discovered that curl incorrectly handled long FTP server command replies. If a user or automated system were tricked into connecting to a malicious FTP server, a remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 17.10 and Ubuntu 18.04 LTS. Max Dymond discovered that curl incorrectly handled certain RTSP responses. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
c65d1f87b06ccd75d36690b9c5b87c1f89bfe13c679ad86bf2049e999741df91
Rockwell Scada System version 27.011 suffers from a cross site scripting vulnerability.
faa77988caea596c3c8dcdca2b87fc0d9eb9ec0ca910db9160ab67bf37e1396d
Multiplayer BlackJack Online Casino Game version 2.5 suffers from a persistent cross site scripting vulnerability.
adc5d54b29f5daf2436646020da97ca6760d775ab01ab50b77a5fd5437c87e61
Horse Market Sell and Rent Port Script version 1.5.7 suffers from a cross site request forgery vulnerability.
376de679abd344d14343f0bf08b8b97a92b261735c9043fc40698401ad7a60d9
Inteno IOPSYS version 2.0 - 4.2.0 p910nd suffers from a remote command execution vulnerability.
f615fba4d9539a5dbd7d159a724c44724105b83272fb40dd71238d9daef82da6
vcftools version 0.1.15 suffers from out-of-bounds read, denial of service, buffer overflow, and use-after-free vulnerabilities.
9eefdd1e2925e6f95ad42de0c06c5cd451572d6217a1defb026d0d90bc7f3fd8
This Microsoft bulletin summary holds CVE updates for CVE-2018-8147, CVE-2018-8162, and CVE-2018-8176.
0adeb9c9d3a9a43a184d8da9479bd167c133a404bf0701972592c931b657a24e
Debian Linux Security Advisory 4201-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor.
5f94aebb03d033ff9bb6ee8f33889d513f0b3522c4d68c721d0f40f7968f1c51