Summary
SafeNet Sentinel Protection Server and Sentinel Keys Server are prone to a directory-traversal vulnerability because they fail to sufficiently sanitize user-supplied input.
Impact
Exploiting this issue will allow an attacker to view arbitrary files within the context of the web server. Information harvested may aid in launching further attacks.
Solution
Ask the vendor for an update.
Affected
SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and Sentinel Keys Server 1.0.3 and 1.0.4
Detection
Send a special crafted HTTP GET request and check the response
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2007-6483 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
Related Vulnerabilities