vendor:
OSSIM
by:
Marcin Kopec
7.5
CVSS
HIGH
SQL Injection, Cross Site Scripting
89, 79
CWE
Product Name: OSSIM
Affected Version From: 0.9.9rc5
Affected Version To: 0.9.9rc5
Patch Exists: YES
Related CWE: N/A
CPE: a:ossim:ossim
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2008
OSSIM Vulnerabilities
OSSIM is a free implementation of Security Information Management (SIM) system, equipped with many useful security tools (nessus, snort, p0f, ntop, ...) managed from easy-to-use web panel. The bug exists in portname parameter of modifyportform.php, which allows an attacker to obtain hashed administrator password when user have rights to do port modification in 'PORTS' tab. Quotes in OSSIM aren't property sanitized, allowing an attacker to execute XSS without logging into the OSSIM.
Mitigation:
Sanitize user input and properly escape quotes.