CVE-2007-6483
SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
4
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string.
Vulnerabilidad de salto de directorio en SafeNet Sentinel Protection Server 7.0.0 hasta 7.4.0 y versiones anteriores, y Sentinel Keys Server 1.0.3 y posiblemente versiones anteriores, permite a atacantes remotos leer ficheros de su elección mediante un .. (punto punto) en la cadena de consulta.
SafeNet Sentinel Protection Server versions 7.0 through 7.4 and Keys Server versions 1.0.3 through 1.0.4 suffer from a directory traversal vulnerability.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-11-26 First Exploit
- 2007-12-20 CVE Reserved
- 2007-12-20 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-15 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (12)
URL | Tag | Source |
---|---|---|
http://safenet-inc.com/support/files/SPI740SecurityPatch.zip | X_refsource_confirm | |
http://securityreason.com/securityalert/3471 | Third Party Advisory | |
http://www.securityfocus.com/archive/1/484201/100/200/threaded | Mailing List | |
http://www.securityfocus.com/archive/1/484224/100/200/threaded | Mailing List | |
http://www.vupen.com/english/advisories/2007/4011 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/38636 | Vdb Entry | |
https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01 | X_refsource_misc |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/30809 | 2007-11-26 | |
https://www.exploit-db.com/exploits/33428 | 2014-05-19 | |
http://www.securityfocus.com/bid/26583 | 2024-08-07 | |
http://www.securitytracker.com/id?1018992 | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/27811 | 2018-10-15 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Safenet Search vendor "Safenet" | Sentinel Keys Server Search vendor "Safenet" for product "Sentinel Keys Server" | 1.0.3 Search vendor "Safenet" for product "Sentinel Keys Server" and version "1.0.3" | - |
Affected
| ||||||
Safenet Search vendor "Safenet" | Sentinel Protection Server Search vendor "Safenet" for product "Sentinel Protection Server" | 7.0 Search vendor "Safenet" for product "Sentinel Protection Server" and version "7.0" | - |
Affected
| ||||||
Safenet Search vendor "Safenet" | Sentinel Protection Server Search vendor "Safenet" for product "Sentinel Protection Server" | 7.1 Search vendor "Safenet" for product "Sentinel Protection Server" and version "7.1" | - |
Affected
| ||||||
Safenet Search vendor "Safenet" | Sentinel Protection Server Search vendor "Safenet" for product "Sentinel Protection Server" | 7.2 Search vendor "Safenet" for product "Sentinel Protection Server" and version "7.2" | - |
Affected
| ||||||
Safenet Search vendor "Safenet" | Sentinel Protection Server Search vendor "Safenet" for product "Sentinel Protection Server" | 7.3 Search vendor "Safenet" for product "Sentinel Protection Server" and version "7.3" | - |
Affected
| ||||||
Safenet Search vendor "Safenet" | Sentinel Protection Server Search vendor "Safenet" for product "Sentinel Protection Server" | 7.4 Search vendor "Safenet" for product "Sentinel Protection Server" and version "7.4" | - |
Affected
|