CVSS: 5.0EPSS: 2%CPEs: 2EXPL: 3CVE-2008-0760 – Sentinel Protection Server 7.x/Keys Server 1.0.x - Backslash Directory Traversal
https://notcve.org/view.php?id=CVE-2008-0760
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483. Vulnerabilidad de salto de directorio en SafeNet Sentinel Protection Server 7.4.1.0 y anteriores y Sentinel Keys Server 1.0.4.0 y anteriores, permite a atacantes remotos leer ficheros de su elección mediante un ..\ (punto punto barra invertida) en el URI. NOTA: este problema existe debido a una modificación inicial incompleta de CVE-2007-6483. • https://www.exploit-db.com/exploits/31149 http://aluigi.altervista.org/adv/sentinella-adv.txt http://secunia.com/advisories/28863 http://securityreason.com/securityalert/3646 http://www.securityfocus.com/archive/1/487954/100/0/threaded http://www.securityfocus.com/bid/27735 http://www.vupen.com/english/advisories/2008/0499 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 1%CPEs: 6EXPL: 4CVE-2007-6483 – SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
https://notcve.org/view.php?id=CVE-2007-6483
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string. Vulnerabilidad de salto de directorio en SafeNet Sentinel Protection Server 7.0.0 hasta 7.4.0 y versiones anteriores, y Sentinel Keys Server 1.0.3 y posiblemente versiones anteriores, permite a atacantes remotos leer ficheros de su elección mediante un .. (punto punto) en la cadena de consulta. SafeNet Sentinel Protection Server versions 7.0 through 7.4 and Keys Server versions 1.0.3 through 1.0.4 suffer from a directory traversal vulnerability. • https://www.exploit-db.com/exploits/30809 https://www.exploit-db.com/exploits/33428 http://safenet-inc.com/support/files/SPI740SecurityPatch.zip http://secunia.com/advisories/27811 http://securityreason.com/securityalert/3471 http://www.securityfocus.com/archive/1/484201/100/200/threaded http://www.securityfocus.com/archive/1/484224/100/200/threaded http://www.securityfocus.com/bid/26583 http://www.securitytracker.com/id?1018992 http://www.vupen.com/english/advisories/2007/4011 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •