OSSIM version 2.2.1 suffers from a cross site request forgery vulnerability.
8fac8d4b7839a6b7c8bdedf4bc5d68cf571a9262e16b08e365fc2a9c41cdf510
NfSen version 1.3.7 and AlienVault OSSIM version 4.3.1 suffer from a customfmt command injection vulnerability.
6b2e5703fd89723e64a82ec4b72ba979239fa1d8e95511ce4df0a2e31d8f0b19
NfSen version 1.3.7 and AlienVault USM/OSSIM version 5.3.4 suffer from a remote command injection vulnerability.
95d2698b9bc2ea6a348d98c0e7be5759acfc23cd3feb8a3ccd45bbe1ab8f1470
NfSen versions 1.3.7 and below and AlienVault USM/OSSIM versions 5.3.6 and below suffer from a local privilege escalation vulnerability.
a8b33f56ffd726c88dbc984a9d7a8588f36a32cd8aedb73c518ecc1dead228c9
This Metasploit module exploits an unauthenticated command injection in AlienVault USM/OSSIM versions 5.3.4 and 5.3.5. The vulnerability lies in an API function that does not check for authentication and then passes user input directly to a system call as root.
d72c139011d02b5dd53490824fea6a9d33d4ea93c69d1eaa4c8702f390b4d945
AlienVault OSSIM/USM versions 5.3.0 and below suffer from an authentication bypass vulnerability.
ccc7d25b13cf43b235374996a93e7e29606307a1b963ca5677daa1e44f30002d
This Metasploit module exploits object injection, authentication bypass and IP spoofing vulnerabilities together. Unauthenticated users can execute arbitrary commands in the context of the root user. Abusing the authentication bypass issue on gauge.php lets adversaries exploit the object injection vulnerability, which leads to a SQL injection attack that leaks an administrator session token. Using the captured session token, attackers can create a rogue action and policy that enable execution of operating system commands. As a final step, an SSH login attempt with invalid credentials can trigger the created rogue policy, which triggers an action that executes an operating system command with root user privileges. This Metasploit module was tested against the following products and versions: AlienVault USM 5.3.0, 5.2.5, 5.0.0, 4.15.11, 4.5.0; AlienVault OSSIM 5.0.0, 4.6.1.
ac4cd7158b0ae42d40bce75202d5221b0347a49712ff529804a31fe058562cf0
AlienVault OSSIM/USM versions 5.3.1 and below suffer from a PHP object injection vulnerability.
15c73504476ef61ce3f78973018cb8b2513108fb8a4f815dca1ef6a0da27f672
AlienVault OSSIM/USM versions 5.3.1 and below suffer from a stored cross site scripting vulnerability.
373697a8bc5814e72590ca5c5ffda41e105c91a84d2e74b0d4e25fb2659889b6
AlienVault OSSIM/USM versions 5.3.1 and below suffer from a remote SQL injection vulnerability.
30fc087a9e2c28203acf4fa8bf0c93d8dbf91426b95c05cb6c56d71080f5ecdc
AlienVault OSSIM/USM versions 5.3.1 and below suffer from a cross site scripting vulnerability.
67edb0c1f8dc320c504c4dc2955487eacc3b39dcbb0d2dd72fa7e4322b63bd3e
AlienVault USM/OSSIM version 5.2 suffers from a cross site scripting vulnerability.
52d6e5998255d0e9741227d3f9f592c61f60e95789c4df2d2c3f1ba5af0dbda1
AlienVault OSSIM version 4.3 suffers from a cross site request forgery vulnerability.
070be2bd3bbec9a09484c82f4dfab63895888bf9f5181660c7a06235ad2250d5
AlienVault OSSIM/USM versions 4.14, 4.15, and 5.0 suffer from cross site scripting, remote command execution, and remote SQL injection vulnerabilities.
05fedd0172a711f1b3ebccf206431da754dbc59c1c66baabdd88b6a813ba1830
AlienVault OSSIM/USM versions 4.14.x and below suffer from a remote command execution vulnerability. Proof of concept included.
a68baa3bbf3f63879d7b7f3eaa8c9b8bc017abc0c0112daba2b272eca6043950
This Metasploit module exploits an unauthenticated SQL injection vulnerability affecting AlienVault OSSIM versions 4.3.1 and lower. The SQL injection issue can be abused in order to retrieve an active admin session ID. If an administrator level user is identified, remote code execution can be gained by creating a high priority policy with an action containing our payload.
b58a85510e5daac3f9d9b649fd1dbf074e6a06ca09a0eb2b485f9cc59e6e2bdd
AlienVault OSSIM version 4.3 suffers from a remote SQL injection vulnerability.
5ca78d190ca63e9f10a2d9625f09ad36148d75d7be25be8d9db671624b862a1d
AlienVault OSSIM versions prior to 4.3.0 suffer from multiple reflective cross site scripting vulnerabilities.
b97b24ad187260fb2d369e36bc782d9527bb13c5629ef33949027b13a42c4a22
AlienVault OSSIM open source SIEM version 4.1 suffers from multiple remote SQL injection vulnerabilities.
cec5b0d081cb8bbd769dd87f67d17d9598653efb5fe766c3fed3b0ae82e30776
AlienVault OSSIM versions 4.1.2 and below suffer from remote SQL injection vulnerabilities.
edf35d0b9315cc82230669af31e17a817456a6ac0929e244282a0af64f6ac336
Secunia Security Advisory - Ibrahim M. El-Sayed has reported some vulnerabilities in OSSIM, which can be exploited by malicious people to conduct cross-site scripting attacks.
441cc0588db4e3e28728d30db8fed8ef8cc78fff52f613c94a7a398326ffaa2a
Secunia Security Advisory - Stefan Schurtz has discovered two vulnerabilities in OSSIM, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
aa92c7fd1514c0da05535bee16e3230770c65f4434b7c870cd8800a130d0fecb
Secunia Security Advisory - CONIX Security has discovered some vulnerabilities in OSSIM, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks.
6e02fcf3d4f9ce7f171f0771d98da8a44352b03be77cae50bbe2699ac2d01eff
OSSIM version 2.2.1 suffers from a cross site scripting vulnerability.
6e4c14c8aec37791b959d328a1ff9ea0a8783eb80875f32046ccca8bb2a4c4ef
Secunia Security Advisory - Some vulnerabilities have been reported in OSSIM, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to disclose sensitive information.
3b43a51582c2b6372f517f39da109443c5db488348fb316894ce396467489aad
CYBSEC Security Advisory - OSSIM version 2.2 suffers from a remote command execution vulnerability.
fa7bc7dccfc1eea54e33881d98d9b73763826b24c23c03bff189b25b91634c35