SynopsisAn application hosted on the remote web server has a directory traversal vulnerability.
DescriptionThe OSSIM install hosted on the remote host has a directory traversal vulnerability. Input to the 'timestamp' parameter of the '/ossim/ocsreports/tele_compress.php' script is not properly sanitized.
A remote attacker could exploit this to download arbitrary files, subject to the privileges under which the web server operates.
SolutionUpgrade to OSSIM 22.214.171.124 or later.