2 matches found
AlienVault OSSIM Framework Backup Command Execution (CVE-2014-5158)
A command execution vulnerability exists in AlienVault OSSIM Framework. The vulnerability is due to insufficient sanitization of user supplied data that is used to execute backup commands. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the...
CVE-2014-5158
CVE-2014-5158 affects AlienVault OSSIM (before 4.6.0). The vulnerability involves two components: (1) the av-centerd SOAP service and (2) the backup command in the ossim-framework service. A remote, unauthenticated attacker can execute arbitrary commands due to improper handling/sanitization of u...