Secunia Security Advisory - Some vulnerabilities have been reported in OSSIM, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to disclose sensitive information.
3b43a51582c2b6372f517f39da109443c5db488348fb316894ce396467489aad
----------------------------------------------------------------------
Use WSUS to deploy 3rd party patches
Public BETA
http://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/
----------------------------------------------------------------------
TITLE:
OSSIM Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA38969
VERIFY ADVISORY:
http://secunia.com/advisories/38969/
DESCRIPTION:
Some vulnerabilities have been reported in OSSIM, which can be
exploited by malicious users to compromise a vulnerable system and by
malicious people to disclose sensitive information.
1) Input passed via the "file" parameter to repository/download.php
is not properly verified before being used. This can be exploited to
download arbitrary local files from an affected system via directory
traversal sequences.
2) The script repository/repository_attachment.php does not properly
validate the extension of files uploaded to a folder within the web
root. This can be exploited to upload files with an arbitrary
extension and e.g. execute arbitrary PHP code.
3) Input passed via the "what" parameter to sem/storage_graphs.php,
sem/storage_graphs2.php,
sem/storage_graphs3.php, and sem/storage_graphs4.php is not properly
sanitised before being used on the command line. This can be
exploited to inject and execute arbitrary commands.
Successful exploitation of vulnerabilities #2 and #3 requires
authentication.
The vulnerabilities are reported in version 2.2. Prior versions may
also be affected.
SOLUTION:
Update to version 2.2.1.
PROVIDED AND/OR DISCOVERED BY:
Nahuel Grisolia, Cybsec Security Systems
ORIGINAL ADVISORY:
OSSIM:
http://www.alienvault.com/docs/2.2.1_release_notes.txt
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------