BASE < 1.3.8 Redirect Authentication Bypass
Medium Nessus Network Monitor Plugin ID 4076
SynopsisThe remote host is vulnerable to a flaw that allows for the bypassing of authentication.
DescriptionThe remote host is running BASE, a web-based tool for analyzing alerts from one or more SNORT sensors. The version of BASE installed on the remote host fails to sanitize user-supplied input to the 'base_main.php'. An attacker exploiting this flaw would be able to access confidential data without authorization.
SolutionUpgrade to version 1.3.8 or higher.