CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 1CVE-2008-5121 – Deterministic Network Enhancer - 'dne2000.sys' Kernel Ring0 SYSTEM
https://notcve.org/view.php?id=CVE-2008-5121
dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface. dne2000.sys en Citrix Deterministic Network Enhancer (DNE) desde la version 2.21.7.233 a la 3.21.7.17464, tal y como se usa en (1) Cisco VPN Client, (2) Blue Coat WinProxy, y (3) SafeNet SoftRemote y HighAssurance Remote, permite a usuarios locales obtener privilegios a través de una petición DNE_IOCTL DeviceIoControl modificada a la interfaz de dispositivo \\.\DNE . • https://www.exploit-db.com/exploits/5837 http://secunia.com/advisories/30728 http://secunia.com/advisories/30744 http://secunia.com/advisories/30747 http://secunia.com/advisories/30753 http://securityreason.com/securityalert/4600 http://support.citrix.com/article/CTX117751 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsm25860 http://www.digit-labs.org/files/exploits/dne2000-call.c http://www.kb.cert.org/vuls/id/858993 http://www&# • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 2%CPEs: 2EXPL: 3CVE-2008-0760 – Sentinel Protection Server 7.x/Keys Server 1.0.x - Backslash Directory Traversal
https://notcve.org/view.php?id=CVE-2008-0760
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483. Vulnerabilidad de salto de directorio en SafeNet Sentinel Protection Server 7.4.1.0 y anteriores y Sentinel Keys Server 1.0.4.0 y anteriores, permite a atacantes remotos leer ficheros de su elección mediante un ..\ (punto punto barra invertida) en el URI. NOTA: este problema existe debido a una modificación inicial incompleta de CVE-2007-6483. • https://www.exploit-db.com/exploits/31149 http://aluigi.altervista.org/adv/sentinella-adv.txt http://secunia.com/advisories/28863 http://securityreason.com/securityalert/3646 http://www.securityfocus.com/archive/1/487954/100/0/threaded http://www.securityfocus.com/bid/27735 http://www.vupen.com/english/advisories/2008/0499 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 2CVE-2008-0573 – SafeNet 10.4.0.12 - 'IPSecDrv.sys' Local kernel Ring0 SYSTEM
https://notcve.org/view.php?id=CVE-2008-0573
IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRV_IOCTL IOCTL request. IPSecDrv.sys 10.4.0.12 en SafeNET HighAssurance Remote y SoftRemote. Permite a usuarios locales ganar privilegios a través de peticiones IPSECDRV_IOCTL IOCTL manipuladas. • https://www.exploit-db.com/exploits/5004 http://secunia.com/advisories/28701 http://www.securityfocus.com/bid/27496 http://www.securitytracker.com/id?1019282 http://www.vupen.com/english/advisories/2008/0333 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 1%CPEs: 6EXPL: 4CVE-2007-6483 – SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
https://notcve.org/view.php?id=CVE-2007-6483
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string. Vulnerabilidad de salto de directorio en SafeNet Sentinel Protection Server 7.0.0 hasta 7.4.0 y versiones anteriores, y Sentinel Keys Server 1.0.3 y posiblemente versiones anteriores, permite a atacantes remotos leer ficheros de su elección mediante un .. (punto punto) en la cadena de consulta. SafeNet Sentinel Protection Server versions 7.0 through 7.4 and Keys Server versions 1.0.3 through 1.0.4 suffer from a directory traversal vulnerability. • https://www.exploit-db.com/exploits/30809 https://www.exploit-db.com/exploits/33428 http://safenet-inc.com/support/files/SPI740SecurityPatch.zip http://secunia.com/advisories/27811 http://securityreason.com/securityalert/3471 http://www.securityfocus.com/archive/1/484201/100/200/threaded http://www.securityfocus.com/archive/1/484224/100/200/threaded http://www.securityfocus.com/bid/26583 http://www.securitytracker.com/id?1018992 http://www.vupen.com/english/advisories/2007/4011 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 8%CPEs: 2EXPL: 4CVE-2007-3157 – SafeNet High Assurance Remote 1.4.0 - 'IPSecDrv.sys' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-3157
IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec. IPSecDrv.sys 10.4.0.12 en SafeNET High Assurance Remote 1.4.0 Build 12, y SoftRemote, permiet a atacantes remotos provocar denegación de servicio (bucle infinito y cuelgue del sistema)a través de paquetes no válidos con ciertos bytes en una cabecera opciones, posiblemente relacionado con el soporte de IPv6 para IPSec. • https://www.exploit-db.com/exploits/4047 http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063859.html http://osvdb.org/37137 http://secunia.com/advisories/25574 http://securityreason.com/securityalert/2803 http://www.digit-labs.org/files/exploits/safenet-dos.c http://www.securityfocus.com/bid/24385 https://exchange.xforce.ibmcloud.com/vulnerabilities/34775 •