108 matches found
CVE-2016-8583
CVE-2016-8583 affects AlienVault OSSIM/USM prior to version 5.3.2. The vulnerability is a reflected XSS in the vulnerability scan scheduler where multiple GET parameters (e.g., jobname, timeout, sched_id, targets[]) in /ossim/vulnmeter/sched.php can reflect attacker-supplied input. The issue stem...
CVE-2016-8583
Multiple GET parameters in the vulnerability scan scheduler of AlienVault OSSIM and USM before 5.3.2 are vulnerable to reflected XSS...
CVE-2016-8582
A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOADFILE...
CVE-2016-8582
Summary of CVE-2016-8582 : A SQL injection vulnerability exists in the gauge.php component of AlienVault OSSIM/USM prior to 5.3.2. The flaw is triggered in the value parameter of /ossim/dashboard/sections/widgets/data/gauge.php, where a serialized array can carry a SQL query in the type field, en...
CVE-2016-8581
CVE-2016-8581 is a stored XSS vulnerability in the User-Agent header of the login process of AlienVault OSSIM/USM up to version 5.3.1, allowing an attacker to steal session IDs when an admin views current sessions. Root cause: improper handling of the User-Agent header enabling script injection. ...
CVE-2016-8580
Summary (concrete details): AlienVault OSSIM/USM before 5.3.2 is affected by a PHP object injection vulnerability caused by unsafe unserialize() usage in multiple widgets (flow_chart.php, gauge.php, honeypot.php, image.php, inventory.php, otx.php, rss.php, security.php, siem.php, taxonomy.php, ti...
CVE-2016-6913
Cross-site scripting XSS vulnerability in AlienVault OSSIM before 5.3 and USM before 5.3 allows remote attackers to inject arbitrary web script or HTML via the back parameter to ossim/conf/reload.php...
Cross site scripting
Cross-site scripting XSS vulnerability in AlienVault OSSIM before 5.3 and USM before 5.3 allows remote attackers to inject arbitrary web script or HTML via the back parameter to ossim/conf/reload.php...
CVE-2016-6913
Cross-site scripting XSS vulnerability in AlienVault OSSIM before 5.3 and USM before 5.3 allows remote attackers to inject arbitrary web script or HTML via the back parameter to ossim/conf/reload.php...
AlienVault USM/OSSIM 5.2 Cross Site Scripting
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: AlienVault USM/OSSIM Vendor URL: www.alienvault.com Type: Cross-Site Scripting CWE-79 Date found: 2016-05-24 Date published: 2016-08-23 CVSSv3 Score: 5.4...
FreeBSD-SA-16:06.bsnmpd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:06.bsnmpd Security Advisory The FreeBSD Project Topic: Insecure default snmpd.config permissions Category: contrib Module: bsnmpd Announced: 2016-01-14...
AlienVault Unified Security Management: Real-Time Threat Detection Starting on Day 1
As organizations expand their IT infrastructure to match their evolving business models and meet changing regulatory requirements, they often find that their networks have become extremely complex and challenging to manage. A primary concern for many IT teams is detecting threats in the mountain ...
How to Build a Successful Incident Response Plan
The fight to protect your company’s data isn’t for the faint of heart. As an embattled IT warrior, with more systems, apps, and users to support than ever before, keeping everything up and running is a battle in itself. When it comes to preventing the worst-case scenario from happening, you need...
How to Detect IE Zero-day Exploit Used to Deploy Korplug Malware
Recently, Microsoft issued an Emergency patch for a zero-day vulnerability in Internet Explorer that is being exploited to deploy Korplug malware on vulnerable PCs. Korplug, a known variant of PlugX, is a Trojan that creates a backdoor used for information stealing on infected computers. In one o...
FBI’s Cyber Task Force Identifies Stealthy FF-RATs used in Cyber Attack
In both April and June this year, a series of cyber attacks was conducted against the United States Office of Personnel Management OPM. These attacks resulted in 21 million current and former Federal government employees’ information being stolen. After months of investigation, the FBI’s Cyber Ta...
Volatile Cedar — Global Cyber Espionage Campaign Discovered
Security firm Check Point has uncovered what seems to be a successful, and long-running, cyber-surveillance campaign called “Volatile Cedar.” Check Point found that targets of the attack included, but were not limited to, defense contractors, media companies, telecommunications, and educational...
Alienvault OSSIMUSM 4.144.155.0 - Multiple Vulnerabilities
Alienvault OSSIMUSM 4.144.155.0 - Multiple Vulnerabilities Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely...
Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities
Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix ha...
Alienvault OSSIM/USM 4.x / 5.0 XSS / SQL Injection / Command Execution
Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix ha...
CVE-2015-3446
Affected software/component: AlienVault Unified Security Management (USM) — Framework Daemon. Vulnerability: remote attackers can execute arbitrary Python code by sending a crafted plugin configuration file (.cfg). Root cause/impact: the flaw allows code execution with root privileges and does no...