Summary
OSSIM is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks.
OSSIM 2.2 is affected
other versions may also be vulnerable.
Solution
The vendor has released an update to address this issue. Please see the references for more information.
References
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Allaire JRun directory browsing vulnerability
- AbanteCart Multiple Cross-Site Scripting Vulnerabilities
- AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities
- APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
- @Mail 'admin.php' Cross-Site Scripting Vulnerabilities