Context-Aware Web Attack Detection in Open-Source SIEM Systems Via MITRE ATT&CK-Enriched Behavioral Profiling

Security Information and Event Management SIEM systems aggregate log data from heterogeneous sources to detect coordinated attacks. Traditional rule-based correlation engines struggle to classify multi-step web application attacks because they examine each event without reference to the behaviour...

Alienvault OSSIM Open Source SIEM 4.1 - Multiple SQL Vulnerabilities

No description provided by source. Title: Alienvault OSSIM Open Source SIEM 4.1 Multiple SQL Vulnerabilities Date: February 15, 2013 Author: Glafkos Charalambous Vendor: AlienVault Vendor URL: http://www.alienvault.com Reported: February 17, 2013 Timeline: --------- 17 Feb 2013: Vulnerability...

AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability

AlienVault Open Source SIEM OSSIM SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Internet Explorer CVE-2014-1805 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet explorer ...

Alienvault Open Source SIEM (OSSIM) 4.6.1 - (Authenticated) SQL Injection (Metasploit)

Alienvault Open Source SIEM OSSIM 4.6.1 - Authenticated SQL Injection Metasploit Exploit Title: AlienVault newpolicyform.php SQLi Date: 5/9/2014 Exploit Author: chrisdhebertatgmail.com Vendor Homepage: http://www.alienvault.com/ Software Link: http://www.alienvault.com/free-downloads-services...

Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Multiple SQL Injections

source: https://www.securityfocus.com/bid/62790/info Open Source SIEM OSSIM is prone to multiple SQL-injection vulnerabilities. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Open Sourc...

Alienvault Open Source SIEM (OSSIM) - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/61456/info Open Source SIEM OSSIM is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

Alienvault OSSIM SIEM 4.1 SQL Injection Vulnerability

Alienvault OSSIM open source SIEM version 4.1 suffers from multiple remote SQL injection vulnerabilities. Title: Alienvault OSSIM Open Source SIEM 4.1 Multiple SQL Vulnerabilities Date: February 15, 2013 Author: Glafkos Charalambous Vendor: AlienVault Vendor URL: http://www.alienvault.com Reporte...

Alienvault Open Source SIEM (OSSIM) 3.1 - Reflected Cross-Site Scripting Blind SQL Injection

Alienvault Open Source SIEM OSSIM 3.1 - Reflected Cross-Site Scripting Blind SQL Injection !/usr/bin/python ''' AlienVault has a reflected XSS vulnerability in the "url" parameter of "top.php". Proof of Concept: Enticing a logged in user to visit the following URL where an attacker is hosting an...

Alienvault Open Source SIEM (OSSIM) 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection

!/usr/bin/python ''' AlienVault has a reflected XSS vulnerability in the "url" parameter of "top.php". Proof of Concept: Enticing a logged in user to visit the following URL where an attacker is hosting an cookie grabber will allow for the hijacking of the user session:...

Alienvault OSSIM Open Source SIEM 3.1 Multiple Security Vulnerabilities

Exploit for php platform in category web applications Advisory: Alienvault OSSIM Open Source SIEM 3.1 Multiple security vulnerabilities Contact: email protected Author: Stefan Schurtz Affected Software: Successfully tested on Alienvault Open Source SIEM 3.1 32bit Vendor URL:...