Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6483

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-6483
Last Modified 07 Mar 2011 10:02:47
Published 20 Dec 2007 03:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6483

Summary

Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string.

Vulnerable Systems

Application

  • Safenet Sentinel Keys Server 1.0.3

  • Safenet Sentinel Protection Server 7.0

  • Safenet Sentinel Protection Server 7.1

  • Safenet Sentinel Protection Server 7.2

  • Safenet Sentinel Protection Server 7.3

  • Safenet Sentinel Protection Server 7.4


References

BID - 26583

XF - sentinel-protection-directory-traversal(38636)

VUPEN - ADV-2007-4011

SECTRACK - 1018992

BUGTRAQ - 20071126 Directory Traversal in SafeNet Sentinel Protection Server and Keys Server

BUGTRAQ - 20071126 2007-06 Sentinel Protection Server Directory Traversal

SECUNIA - 27811

CONFIRM - http://safenet-inc.com/support/files/SPI740SecurityPatch.zip

SREASON - 3471


Last Updated: 27 May 2016 10:46:31