1. Background
2. Description
3. Affected Products
4. Vulnerability
5. Solution
6. Credit
7. Disclosure Timeline
OSSIM by AlienVault is an Open Source Security Information and Event Management (SIEM) platform, comprising a collection of tools designed to aid network administrator in computer security, intrusion detection and prevention.
(Wikipedia)
A vulnerability has been discovered in the OSSIM's OCS Inventory web interface due to insufficient input validation before inserting untrusted, user-supplied data into a SQL query.
AlienVault OSSIM 4.3
4.1 /ocsreports/tele_stats.php
4.11 The associated query was confirmed to be running with 'root' user privileges
Vendor contacted and confirmed that vulnerable application was removed in recent versions. Upgrade to latest version.
http://forums.alienvault.com/discussion/1873/security-advisory-all-alienvault-versions-prior-to-v4-3-3-1
This vulnerability was discovered by Andrew Smith.
1-18-2014 - Vulnerability Discovered
1-27-2014 - Vendor Informed
2-3-2014 - Public Disclosure