Summary
AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
Impact
Exploiting this issue can allow an attacker to gain access to arbitrary system files. Information harvested may aid in launching further attacks.
Solution
Updates are available.
Insight
Open Source SIEM (OSSIM) is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Affected
All AlienVault Versions prior to v4.3.3.1
Detection
Send a special crafted HTTP GET request and check the response.
References
Updated on 2017-03-28