AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
Exploiting this issue can allow an attacker to gain access to arbitrary system files. Information harvested may aid in launching further attacks.
Updates are available.
Open Source SIEM (OSSIM) is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
All AlienVault Versions prior to v188.8.131.52
Send a special crafted HTTP GET request and check the response.
Updated on 2017-03-28
- AlienVault OSSIM 'date_from' Parameter Multiple SQL Injection Vulnerabilities
- Adiscon LogAnalyzer Multiple SQL Injection and XSS Vulnerabilities
- AdPeeps 'index.php' Multiple Vulnerabilities.
- Apache Struts2 Showcase Arbitrary Java Method Execution vulnerability
- Astium VoIP PBX SQL Injection Vulnerability