Exploit Alienvault Open Source SIEM (OSSIM) - 'Timestamp' Directory Traversal

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
38784
Проверка EDB
  1. Пройдено
Автор
DING YU-CHI
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2013-10-08
Alienvault Open Source SIEM (OSSIM) - 'Timestamp' Directory Traversal
Код:
source: https://www.securityfocus.com/bid/62899/info

Open Source SIEM (OSSIM) is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue can allow an attacker to gain access to arbitrary system files. Information harvested may aid in launching further attacks.

Open Source SIEM (OSSIM) 4.3.3 is vulnerable; other versions may also be affected. 

http://www.example.com/ossim/ocsreports/tele_compress.php?timestamp=../../../../etc/ossim
 
Источник
www.exploit-db.com

Похожие темы