OSSIM <= 0.9.9 RC5 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 4398

Synopsis

The remote web server contains a PHP application that is affected by multiple flaws.

Description

The remote host is running OSSIM (Open Source Security Information Management), a suite of security tools managed by a web-based front-end. The version of OSSIM installed on the remote host fails to sanitize user input to the 'dest' parameter of the 'session/login.php' script before using it to generate dynamic HTML output. An unauthenticated attacker can exploit this to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected site. In addition, there is a SQL injection flaw within the 'modifyportform.php' script. An attacker exploiting this flaw would need the ability to authenticate to the application.

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://www.ossim.net/news.php#75

http://www.securityfocus.com/archive/1/488450/30/0/threaded

Plugin Details

Severity: High

ID: 4398

Family: CGI

Published: 2/22/2008

Updated: 3/6/2019

Nessus ID: 31133

Risk Information

VPR

Risk Factor: Medium

Score: 6.1

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:U/RC:C

Vulnerability Information

CPE: cpe:/a:open_source_security_information_management:os-sim

Reference Information

CVE: CVE-2008-0919, CVE-2008-0920

BID: 27927, 27929