Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

BASE < 1.3.8 Redirect Authentication Bypass

Medium

Synopsis

The remote host is vulnerable to a flaw that allows for the bypassing of authentication.

Description

The remote host is running BASE, a web-based tool for analyzing alerts from one or more SNORT sensors. The version of BASE installed on the remote host fails to sanitize user-supplied input to the 'base_main.php'. An attacker exploiting this flaw would be able to access confidential data without authorization.

Solution

Upgrade to version 1.3.8 or higher.