OSSIM <= 0.9.9 RC5 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 4398
SynopsisThe remote web server contains a PHP application that is affected by multiple flaws.
DescriptionThe remote host is running OSSIM (Open Source Security Information Management), a suite of security tools managed by a web-based front-end. The version of OSSIM installed on the remote host fails to sanitize user input to the 'dest' parameter of the 'session/login.php' script before using it to generate dynamic HTML output. An unauthenticated attacker can exploit this to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected site. In addition, there is a SQL injection flaw within the 'modifyportform.php' script. An attacker exploiting this flaw would need the ability to authenticate to the application.
SolutionUpgrade or patch according to vendor recommendations.