Описание
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483.
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-0760
- http://aluigi.altervista.org/adv/sentinella-adv.txt
- http://secunia.com/advisories/28863
- http://securityreason.com/securityalert/3646
- http://www.securityfocus.com/archive/1/487954/100/0/threaded
- http://www.securityfocus.com/bid/27735
- http://www.vupen.com/english/advisories/2008/0499
Связанные уязвимости
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483.