This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:MISC:ALIEN-VAULT-OSSIM-CE
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
AlienVault OSSIM av-centerd SOAP Requests Command Execution
|
Release Date |
2014/08/04
|
Update Number |
2405
|
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: AlienVault OSSIM av-centerd SOAP Requests Command Execution
This signature detects attempts to exploit a known vulnerability against Alien Vault OSSIM. A successful attack can lead to arbitrary command execution.
Extended Description
The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) update_system_info_debian_package, (2) ossec_task, (3) set_ossim_setup admin_ip, (4) sync_rserver, or (5) set_ossim_setup framework_ip request, a different vulnerability than CVE-2014-3805.
Affected Products
- Alienvault open_source_security_information_management 4.0
- Alienvault open_source_security_information_management 4.0.3
- Alienvault open_source_security_information_management 4.0.4
- Alienvault open_source_security_information_management 4.1
- Alienvault open_source_security_information_management 4.1.2
- Alienvault open_source_security_information_management 4.1.3
- Alienvault open_source_security_information_management 4.2
- Alienvault open_source_security_information_management 4.2.2
- Alienvault open_source_security_information_management 4.2.3
- Alienvault open_source_security_information_management 4.3
- Alienvault open_source_security_information_management 4.3.1
- Alienvault open_source_security_information_management 4.3.2
- Alienvault open_source_security_information_management 4.3.3
- Alienvault open_source_security_information_management 4.4
- Alienvault open_source_security_information_management 4.5
- Alienvault open_source_security_information_management 4.6
- Alienvault open_source_security_information_management 4.6.1
References