WatchMouse keeps watch for the latest security news and vulnerability reports. Check here on a regular basis for updates or sign up using the form on the right to receive our security news updates via email.
View a full list of the most recent vulnerabilities here.
View a full list of the most recent vulnerabilities here.
OSSIM 'repository_attachment.php' Arbitrary File Upload Vulnerability
|
18 Mar 2010 |
| OSSIM is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. This issue affects OSSIM 2.1.5 and 2.2; other versions may be vulnerable as well. |
|
| Securityfocus.com | |
