[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Multiple XSS vulnerabilities in OSSIM 2.2.1

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Multiple XSS vulnerabilities in OSSIM 2.2.1
From: nicolas.grandjean@xxxxxxxx
Date: 31 Mar 2010 12:16:41 -0000

================== Summary ==================

Multiple XSS vulnerabilities in OSSIM 2.2.1

Discovered by: CONIX Security (www.conix.fr)
Public Release Date: 3/31/2010
Vendor: Alienvault (www.alienvault.com)
Fixed: Yes (3/30/2010)

============= Technical Details =============

1. An attacker can redirect a victim to a malicious website by giving him a 
malicious URL, by social engineering or by phishing:

Example:

- http://ossim-server/ossim/nagios/index.php?sensor=www.attacker.com

The top links will then point to http://www.attacker.com

2. All the pages that contains the variable $_SERVER['PHP_SELF'] are vulnerable 
to an XSS:

Examples:

- 
http://ossim-server/ossim/control_panel/alarm_console.php/";><script>alert('xss')</script>
- 
http://ossim-server/ossim/control_panel/alarm_console.php/')"%20onMouseOver="alert('xss');//
- ...

Next by Date: Elevation of Privilege Vulnerability in iTunes for Windows
Next by thread: Elevation of Privilege Vulnerability in iTunes for Windows
Index(es):
- Date
- Thread