Lucene search
AgixZDI-14-198HistoryJun 11, 2014 - 12:00 a.m.
AlienVault OSSIM av-centerd Util.pm update_system/upgrade_pro_web Remote Code Execution Vulnerability
2014-06-1100:00:00
agix
www.zerodayinitiative.com
16
0.605 Medium
EPSS
Percentile
97.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AlienVault Ossim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the av-centerd SOAP service. The issue lies in the handling of the update_system/upgrade_pro_web requests due to a failure to safely sanitize user data before executing a command. An attacker could leverage this vulnerability to execute code with root privileges.
References
Related
exploitpack
exploitpack
seebug
seebug
AlienVault OSSIM < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution
2014-07-01 00:00:00
packetstorm
packetstorm
Alienvault OSSIM av-centerd 4.7.0 get_log_line Command Injection
2017-09-14 00:00:00
zdt
zdt
Alienvault OSSIM av-centerd 4.7.0 - (get_log_line) Command Injection Exploit
2017-09-13 00:00:00
nessus
nessus
AlienVault OSSIM 'av-centerd' Remote Code Execution
2014-06-23 00:00:00
checkpoint_advisories
checkpoint_advisories
zdi
zdi
exploitdb
exploitdb
prion
prion
Design/Logic Flaw
2014-06-13 14:55:00
Cross site request forgery (csrf)
2014-06-13 14:55:00
Cross site request forgery (csrf)
2014-08-21 14:55:00
cve
cve
cvelist
cvelist
nvd
nvd
openvas
openvas
AlienVault OSSIM Multiple RCE Vulnerabilities
2014-06-20 00:00:00