Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30308
HistoryFeb 11, 2014 - 12:00 a.m.

AlienVault OSSIM SQL Injection vulnerability

2014-02-1100:00:00
vulners.com
45

INDEX

1. Background
2. Description
3. Affected Products
4. Vulnerability
5. Solution
6. Credit
7. Disclosure Timeline
  1. BACKGROUND

OSSIM by AlienVault is an Open Source Security Information and Event Management (SIEM) platform, comprising a collection of tools designed to aid network administrator in computer security, intrusion detection and prevention. 

(Wikipedia)

  1. DESCRIPTION

A vulnerability has been discovered in the OSSIM's OCS Inventory web interface due to    insufficient input validation before inserting untrusted, user-supplied data into a SQL query.
  1. AFFECTED PRODUCTS

AlienVault OSSIM 4.3
  1. VULNERABILITIES

4.1  /ocsreports/tele_stats.php

	4.11 The associated query was confirmed to be running with 'root' user privileges
  1. SOLUTION

Vendor contacted and confirmed that vulnerable application was removed in recent     versions. Upgrade to latest version.

http://forums.alienvault.com/discussion/1873/security-advisory-all-alienvault-versions-prior-to-v4-3-3-1
  1. CREDIT

This vulnerability was discovered by Andrew Smith.
  1. DISCLOSURE TIMELINE

1-18-2014 - Vulnerability Discovered
1-27-2014 - Vendor Informed
2-3-2014 - Public Disclosure