AlienVault OSSIM 'av-centerd' set_file() Remote Code Execution

high Nessus Plugin ID 76215

Synopsis

The remote host is affected by a remote code execution vulnerability.

Description

The remote host is running a version of AlienVault Open Source Security Information Management (OSSIM) that is affected by a remote code execution vulnerability in the 'av-centerd' SOAP service due to a failure to sanitize user input to the 'set_file' method. A remote, unauthenticated attacker can exploit this vulnerability to execute arbitrary code with root privileges.

Note that this version is reportedly also affected by an additional remote code execution vulnerability as well as an information disclosure issue. However, Nessus did not test for these additional issues.

Solution

Upgrade to 4.8.0 or later.

See Also

http://forums.alienvault.com/discussion/2806

https://www.zerodayinitiative.com/advisories/ZDI-14-205/

Plugin Details

Severity: High

ID: 76215

File Name: ossim_soap_4_8_0_remote_code_execution.nasl

Version: 1.7

Type: remote

Family: CGI abuses

Published: 6/25/2014

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:alienvault:open_source_security_information_management

Exploit Ease: No exploit is required

Patch Publication Date: 6/2/2014

Vulnerability Publication Date: 6/13/2014

Reference Information

CVE: CVE-2014-4151

BID: 68018