7 matches found
CVE-2017-6972
CVE-2017-6972 affects AlienVault USM/OSSIM before 5.3.7 and NfSen before 1.3.8, exposing a privilege-dropping bug that causes NfSen Perl components to run as root. Public exploit references (exploit-db entries 42314, 42305/42306) describe remote command execution and potential root access when ex...
CVE-2017-6970
CVE-2017-6970 describes a local privilege escalation affecting NfSen 1.3.7 and AlienVault USM/OSSIM before 5.3.7/5.3.6. The issue arises from an OS command injection via the NfSen IPC UNIX domain socket , exploited by a web user (www-data) to execute crafted commands in the Perl components, ultim...
CVE-2017-6971
CVE-2017-6971 affects AlienVault USM/OSSIM before 5.3.7 and NfSen before 1.3.8. A remote authenticated attacker can trigger arbitrary commands (or a reverse shell) through crafted requests manipulating NfSen’s PHP code (notably nfsen.php) and the PHP session ID, achieving root-level execution on ...
CVE-2009-3441
OSSIM (Open Source Security Information Management) is affected by CVE-2009-3441. Before version 2.1.2, remote attackers can bypass authentication and read graphs or infrastructure information by directly requesting (1) graphs/alarms_events.php or (2) host/draw_tree.php. The vulnerability arises ...
CVE-2009-3439
CVE-2009-3439 involves multiple SQL injection vulnerabilities in OSSIM prior to 2.1.2. Remote authenticated users can execute arbitrary SQL commands via parameters in several PHP scripts: repository_document.php, repository_links.php, repository_editdocument.php (repository/); policy/getpolicy.ph...
CVE-2016-7955
CVE-2016-7955 affects AlienVault OSSIM/USM prior to 5.3.1. The vulnerability resides in the logcheck function (session.inc); by crafting a specific value in the AV Report Scheduler HTTP User-Agent header, an unauthenticated remote attacker can bypass authentication and, as a result, obtain sensit...
CVE-2009-3440
The CVE-2009-3440 entry describes a Cross-Site Scripting (XSS) vulnerability in Open Source Security Information Management (OSSIM) prior to version 2.1.2. The issue arises from insufficient input validation on the option parameter of the default URI (the main menu), allowing remote attackers to ...