AlienVault OSSIM Remote Code Execution (CVE-2017-6971)

A remote code execution vulnerability exists in AlienVault OSSIM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

NfSen 1.3.7 AlienVault OSSIM 5.3.4 - Command Injection

NfSen 1.3.7 AlienVault OSSIM 5.3.4 - Command Injection Exploit Title: NfSen/AlienVault remote root exploit IPC query command injection Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault 5.3.4 Date: 2017-07-10 Vendor Homepage:...

NfSen < 1.3.7 / AlienVault OSSIM 5.3.4 - Command Injection

Exploit Title: NfSen/AlienVault remote root exploit IPC query command injection Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault 5.3.4 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/ Vendor Homepage:...

CVE-2017-6971

creationtimestamp| type| source ---|---|--- 2017-07-10 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42306...

Code injection

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971...

CVE-2017-6971

CVE-2017-6971 affects AlienVault USM/OSSIM before 5.3.7 and NfSen before 1.3.8. A remote authenticated attacker can trigger arbitrary commands (or a reverse shell) through crafted requests manipulating NfSen’s PHP code (notably nfsen.php) and the PHP session ID, achieving root-level execution on ...