Testbed Info

Nodes Specification

Each node has the following specifications:

Include two (2) Intel Xeon Processor E5-2620 V3 2.40GHz, 15M Cache, 8GT/s QPI, Turbo, 6C, 85W

Include 64GB of 2133MHz DDR4 ECC memory

Include one (1) 4TB 7.2K RPM Enterprise SATA 3.5” Hot-Plug Hard Drive

Include four (4) Gigabit Ethernet RJ45 LAN ports

Include two (2) 10GBASE-T ports

Include one (1) power supply unit

 

List of OS Images

 

Name

OS

Description

Ubuntu1404-64-STD
Linux
Ubuntu 14.04 LTS 64 bit Standard Image

 

List of Pre-compiled Host Vulnerability Environment

Name

OS

Description

CVE-2003-0947-iwconf
Linux
Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.
CVE-2004-0524-ch_pwd
Linux
Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name
CVE-2004-2093-rsync
Linux
Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PROXY environment variable
CVE-2006-2465-MP3
Linux
Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary code via a long command line argument. NOTE: if mp3info is not installed setuid or setgid in any reasonable context, then this issue might not be a vulnerability
CVE-2007-0368-MBSE
Linux
Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBSE_ROOT environment variable
CVE-2007-3957-Xserv
Linux
Buffer overflow in Nipun Jain xserver 0.1 alpha allows remote attackers to cause a denial of service via a POST request with a long URI
CVE-2012-0809-SUDOF
Linux
Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo
CVE-2014-0160-HB
Linux
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets
CVE-2016-3714-ImageM
Linux
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image
CVE-2016-5195-DCW
Linux
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings
Hadoop273-master
Linux
A 2-node Hadoop 2.7.3 cluster, with one node running NameNode and ResourceManager, the other running NodeManager and DataNode. This is the image of the master node.
Hadoop273-slave
Linux
A 2-node Hadoop 2.7.3 cluster, with one node running NameNode and ResourceManager, the other running NodeManager and DataNode. This is the image of the slave node.

Do you need Help? Get in touch.

We will get back to you as soon as possible.