Hosting vulnerabilities

The choice of vulnerability to host is one of the more difficult parts when it comes to making challenges. If the vulnerability is too easy, the challengers will tear through it; however, if the vulnerability is too hard, the majority of the target audience are alienated. To resolve this, I've provided some suggestions of vulnerabilities to host, marked for difficulty of setup and difficulty of exploitation. For reference, the following descriptions of difficulties are provided:

• The following are the various levels in difficulty of setup:
  • Simple – This level of difficulty requires installation of the affected software
  • Moderate – This level of difficulty requires installation of the affected software on a specific operating system
  • Complex – This level of difficulty requires installation and configuration of the affected software on, specific operating system
• The following are the various levels in difficulty of exploitation:
  • Simple – This level of difficulty requires the use of out-of-the-box tools
  • Moderate – This level of difficulty requires configuration and the use of out-of-the-box tools or simple scripting to perform exploits
  • Complex – This level of difficulty requires the creation of complex scripts, else it is not supported by common exploitation tools