OSSIM 4.0.2 open-source SIEM solution does not verify .deb signatures
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: OSSIM 4.0.2 open-source SIEM solution does not verify .deb signatures
- From: roman.fiedler@xxxxxxxxx
- Date: Tue, 20 Nov 2012 13:48:17 GMT
It seems that OSSIM does not check the signature when running apt updates via
the network. This would allow MITM attackers to install arbitrary code when
updating OSSIM. The issue seems to have been known for some time, although
there is no confirmation from AlienVault, the company behind it. So it might be
that only the non-commercial version is affected.
See
http://forums.alienvault.com/discussion/512/looking-for-confirmation-of-security-issue-mitm-might-execute-arbitrary-code-on-ossim-during-update
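
An added example, not part of the original post and not OSSIM or AlienVault code: a small audit that flags standard apt settings which make apt install packages without a valid repository signature. The post does not say how OSSIM skips verification, so the settings checked here are an assumption about likely causes, and the sample files and the `repo.example.invalid` host are constructed.

```python
import re

# Flat-form apt.conf options that disable repository signature enforcement.
# (Nested "APT { Get { ... } }" syntax is not handled by this check.)
INSECURE_CONF = re.compile(
    r'^\s*(APT::Get::AllowUnauthenticated|Acquire::AllowInsecureRepositories|'
    r'Acquire::AllowDowngradeToInsecureRepositories)\s+"?(true|yes|1|on)"?\s*;',
    re.IGNORECASE)
# A sources.list entry, with its optional [option=value ...] block.
SOURCE_LINE = re.compile(r'^\s*deb(-src)?\s+(\[(?P<opts>[^\]]*)\]\s+)?(?P<uri>\S+)')
# Per-source options that tell apt to accept unsigned or unverifiable data.
TRUSTED_YES = re.compile(r'(^|\s)(trusted|allow-insecure)=yes(\s|$)', re.IGNORECASE)

def audit(files):
    """files maps path -> file text. Returns a list of (path, line_no, reason)."""
    findings = []
    for path, text in files.items():
        for n, line in enumerate(text.splitlines(), 1):
            m = INSECURE_CONF.match(line)
            if m:
                findings.append((path, n, f"{m.group(1)} enabled"))
                continue
            s = SOURCE_LINE.match(line)
            if s and s.group("opts") and TRUSTED_YES.search(s.group("opts")):
                # With verification off, a plain-http source is exposed to MITM.
                scheme = s.group("uri").split(":", 1)[0]
                findings.append((path, n, f"signature check bypassed for {scheme} source"))
    return findings

# Constructed sample input (not taken from an OSSIM installation).
SAMPLE = {
    "/etc/apt/apt.conf.d/99example":
        '// constructed sample\nAPT::Get::AllowUnauthenticated "true";\n',
    "/etc/apt/sources.list":
        "# constructed sample\n"
        "deb http://repo.example.invalid/debian stable main\n"
        "deb [trusted=yes] http://repo.example.invalid/custom binary/\n",
}

if __name__ == "__main__":
    import glob, os
    paths = [p for pat in ("/etc/apt/apt.conf", "/etc/apt/apt.conf.d/*",
                           "/etc/apt/sources.list", "/etc/apt/sources.list.d/*.list")
             for p in glob.glob(pat) if os.path.isfile(p)]
    real = {p: open(p, errors="replace").read() for p in paths}
    # Fall back to the constructed sample when no apt configuration is present.
    for path, n, why in audit(real or SAMPLE):
        print(f"{path}:{n}: {why}")
```

A signed source over plain http (the second line of the sample `sources.list`) is not flagged, because apt's signature check is what protects that transfer.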