393 matches found
Hostintel - A Modular Python Application To Collect Intelligence For Malicious Hosts
This tool is used to collect various intelligence sources for hosts. Hostintel is written in a modular fashion so new intelligence sources can be easily added. Hosts are identified by FQDN host name, Domain, or IP address. This tool only supports IPv4 at the moment. The output is in CSV format an...
pages.alienvault.com XSS vulnerability
Open Bug Bounty ID: OBB-696022 Description| Value ---|--- Affected Website:| pages.alienvault.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Vote for Malwarebytes Labs: European Security Blogger Awards 2018
It's nearly time for Infosec Europe 2018, and that means it's also time to consider voting for your favourite security blogs, podcasts, video channels, and more for the upcoming European Security Blogger Awards. Thanks to your generous votes, we've been fortunate enough to pick up the award for...
AlienVault USM and OSSIM Remote Code Execution Vulnerabilities
AlienVault USM and OSSIM are both products of AlienVault Inc. of the U.S. USM is a set of security management platform that provides security monitoring, security event management and reporting, threat awareness system, etc. OSSIM is an open source security information management system. A securi...
CVE-2018-7279
A remote code execution issue was discovered in AlienVault USM and OSSIM before 5.5.1...
Remote code execution
A remote code execution issue was discovered in AlienVault USM and OSSIM before 5.5.1...
CVE-2018-7279
A remote code execution issue was discovered in AlienVault USM and OSSIM before 5.5.1...
CVE-2018-7279
CVE-2018-7279 affects AlienVault USM and OSSIM prior to version 5.5.1, describing a remote code execution vulnerability. The available documents identify the affected products and the vulnerability class but do not provide root cause details, exploit vectors, or a confirmed remediation. CNVD and ...
CVE-2018-7279
A remote code execution issue was discovered in AlienVault USM and OSSIM before 5.5.1...
The vulnerability of the NfSen web interface, the system for management, control, and information security management of AlienVault USM and OSSIM, is related to deficiencies in access control. This allows attackers to enhance their privileges and execute arbitrary commands on the operating system.
The vulnerability of the NfSen web interface, as well as the systems for management, control, and information security management of AlienVault USM and OSSIM, is related to deficiencies in access control. Exploitation of this vulnerability can allow a malicious actor to enhance their privileges a...
AlienVault : DNS pinning SSRF
Hello there, this is for the otx.alienvault.com domain, but I couldn't mark it in the drop down menu. I saw the note about the 2 weeks so I decide to report this. Summary: I've found that you can perform a SSRF attackwith DNS pinning and read the response from url http://169.254.169.254 Browsers...
AlienVault : Puplic .htaccess/.htpasswd/.canvas files leads to password disclosure.
iam a big fan of fuzzing/bruteforcing after my last submission 288533 on http://data.alienvault.com, i decided to go further, after some bruteforcing i came across this directory which looked kinda interesting for me http://data.alienvault.com/snort/ when u try to access the directory you will ge...
AlienVault : SSRF bypass for https://hackerone.com/reports/285380 (query AWS instance)
Description The SSRF fix can be bypassed, using domain, pointed to the AWS IP 169.254.169.254, like metadata.nicob.net. POC https://www.threatcrowd.org/domain.php?domain=metadata.nicob.net F237437 Suggested fix While there is no 100% way to validate the domains using only string-based checks, you...
AlienVault : SSRF protection bypass
As said in report 285380, using the decimal IP notation is bypassing the fix : https://www.threatcrowd.org/domain.php?domain=2852039166...
AlienVault : SQL Injection in AlienVault Product Forums
SQL Injection in alienvault.com on | AlienVault Product Forums |...
AlienVault : [www.threatcrowd.org] - SSRF : AWS private key disclosure
Summary: I've found that you can SSRF to 169.254.169.254 using the domain check feature. Private keys disclosed. Browsers Verified In: Firefox ESR 45.8.0 Steps To Reproduce: 1. Simple browse to...
AlienVault : [www.threatcrowd.org] Reflected XSS Bypass
bypass for reflected XSS utilizing JS...
AlienVault : DOM-Based XSS in www.alienvault.com
Summary: There is a DOM-Based XSS vulnerability in the 'usma-code' parameter in /products/usm-anywhere/free-trial/thank-you-approved . Description: The link...
AlienVault : DOM Based XSS in https://threatcrowd.org
Hello AlienVault security team, I found a DOM Based XSS in https://threatcrowd.org via report function. Proof of Concept Steps to reproduce: 1. https://threatcrowd.org/report.php?report= 2. Fill in with this payload: javascript:promptdocument.domain 3. Send link to victim, when victim click in to...
CVE-2017-14956
AlienVault USM v5.4.2 and earlier offers authenticated users the functionality of exporting generated reports via the "/ossim/report/wizardemail.php" script. Besides offering an export via a local download, the script also offers the possibility to send out any report via email to a given address...