AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
Exploiting this issue can allow an attacker to gain access to arbitrary system files. Information harvested may aid in launching further attacks.
Updates are available.
Open Source SIEM (OSSIM) is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
All AlienVault Versions prior to v220.127.116.11
Send a special crafted HTTP GET request and check the response.
Updated on 2017-03-28
- Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
- b2ePMS Multiple SQL Injection Vulnerabilities
- AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
- Admin News Tools Multiple Vulnerabilities
- AlienVault OSSIM SQL Injection and Remote Code Execution Vulnerabilities