CVE-2007-6483 (GCVE-0-2007-6483)
Vulnerability from cvelistv5
Published
2007-12-20 20:00
Modified
2024-08-07 16:11
Severity ?
CWE
  • n/a
Summary
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string.
References
cve@mitre.org http://safenet-inc.com/support/files/SPI740SecurityPatch.zip
cve@mitre.org http://secunia.com/advisories/27811 Vendor Advisory
cve@mitre.org http://securityreason.com/securityalert/3471
cve@mitre.org http://www.securityfocus.com/archive/1/484201/100/200/threaded
cve@mitre.org http://www.securityfocus.com/archive/1/484224/100/200/threaded
cve@mitre.org http://www.securityfocus.com/bid/26583 Exploit, Patch
cve@mitre.org http://www.securitytracker.com/id?1018992 Exploit
cve@mitre.org http://www.vupen.com/english/advisories/2007/4011
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/38636
cve@mitre.org https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01
af854a3a-2127-422b-91ae-364da2661108 http://safenet-inc.com/support/files/SPI740SecurityPatch.zip
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/27811 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://securityreason.com/securityalert/3471
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/484201/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/484224/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/26583 Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id?1018992 Exploit
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2007/4011
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/38636
af854a3a-2127-422b-91ae-364da2661108 https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:11:06.015Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01"
          },
          {
            "name": "sentinel-protection-directory-traversal(38636)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38636"
          },
          {
            "name": "20071126 Directory Traversal in SafeNet Sentinel Protection Server and Keys Server",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/484224/100/200/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip"
          },
          {
            "name": "3471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3471"
          },
          {
            "name": "26583",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26583"
          },
          {
            "name": "27811",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27811"
          },
          {
            "name": "ADV-2007-4011",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4011"
          },
          {
            "name": "20071126 2007-06 Sentinel Protection Server Directory Traversal",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/484201/100/200/threaded"
          },
          {
            "name": "1018992",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018992"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01"
        },
        {
          "name": "sentinel-protection-directory-traversal(38636)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38636"
        },
        {
          "name": "20071126 Directory Traversal in SafeNet Sentinel Protection Server and Keys Server",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/484224/100/200/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip"
        },
        {
          "name": "3471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3471"
        },
        {
          "name": "26583",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26583"
        },
        {
          "name": "27811",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27811"
        },
        {
          "name": "ADV-2007-4011",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4011"
        },
        {
          "name": "20071126 2007-06 Sentinel Protection Server Directory Traversal",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/484201/100/200/threaded"
        },
        {
          "name": "1018992",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018992"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6483",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01"
            },
            {
              "name": "sentinel-protection-directory-traversal(38636)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38636"
            },
            {
              "name": "20071126 Directory Traversal in SafeNet Sentinel Protection Server and Keys Server",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/484224/100/200/threaded"
            },
            {
              "name": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip",
              "refsource": "CONFIRM",
              "url": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip"
            },
            {
              "name": "3471",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3471"
            },
            {
              "name": "26583",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26583"
            },
            {
              "name": "27811",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27811"
            },
            {
              "name": "ADV-2007-4011",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4011"
            },
            {
              "name": "20071126 2007-06 Sentinel Protection Server Directory Traversal",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/484201/100/200/threaded"
            },
            {
              "name": "1018992",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018992"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6483",
    "datePublished": "2007-12-20T20:00:00",
    "dateReserved": "2007-12-20T00:00:00",
    "dateUpdated": "2024-08-07T16:11:06.015Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-6483\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-12-20T20:46:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de salto de directorio en SafeNet Sentinel Protection Server 7.0.0 hasta 7.4.0 y versiones anteriores, y Sentinel Keys Server 1.0.3 y posiblemente versiones anteriores, permite a atacantes remotos leer ficheros de su elecci\u00f3n mediante un .. (punto punto) en la cadena de consulta.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:safenet:sentinel_keys_server:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D766F1C-934F-407E-AEE5-BA1DD904E693\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:safenet:sentinel_protection_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86733C86-4D91-47F9-AA69-1517EBD9185C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:safenet:sentinel_protection_server:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF9F0AF6-18BC-45F9-8D11-982BA9BB7FFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:safenet:sentinel_protection_server:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCDE352B-1D4E-4EB9-9669-D62670FE45E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:safenet:sentinel_protection_server:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCE6B275-B786-4BB2-97AA-B7918C30F301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:safenet:sentinel_protection_server:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17DBD0D0-57A9-4381-BE18-01D2E4FD97B6\"}]}]}],\"references\":[{\"url\":\"http://safenet-inc.com/support/files/SPI740SecurityPatch.zip\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27811\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3471\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/484201/100/200/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/484224/100/200/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/26583\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1018992\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/4011\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38636\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://safenet-inc.com/support/files/SPI740SecurityPatch.zip\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27811\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3471\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/484201/100/200/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/484224/100/200/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/26583\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1018992\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/4011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38636\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.