{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-26T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01"}, {"name": "sentinel-protection-directory-traversal(38636)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38636"}, {"name": "20071126 Directory Traversal in SafeNet Sentinel Protection Server and Keys Server", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/484224/100/200/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip"}, {"name": "3471", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3471"}, {"name": "26583", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26583"}, {"name": "27811", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27811"}, {"name": "ADV-2007-4011", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/4011"}, {"name": "20071126 2007-06 Sentinel Protection Server Directory Traversal", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/484201/100/200/threaded"}, {"name": "1018992", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018992"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6483", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01"}, {"name": "sentinel-protection-directory-traversal(38636)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38636"}, {"name": "20071126 Directory Traversal in SafeNet Sentinel Protection Server and Keys Server", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/484224/100/200/threaded"}, {"name": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip", "refsource": "CONFIRM", "url": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip"}, {"name": "3471", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3471"}, {"name": "26583", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26583"}, {"name": "27811", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27811"}, {"name": "ADV-2007-4011", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/4011"}, {"name": "20071126 2007-06 Sentinel Protection Server Directory Traversal", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/484201/100/200/threaded"}, {"name": "1018992", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018992"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6483", "datePublished": "2007-12-20T20:00:00", "dateReserved": "2007-12-20T00:00:00", "dateUpdated": "2018-10-15T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:safenet:sentinel_keys_server:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "3D766F1C-934F-407E-AEE5-BA1DD904E693", "vulnerable": true}, {"criteria": "cpe:2.3:a:safenet:sentinel_protection_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "86733C86-4D91-47F9-AA69-1517EBD9185C", "vulnerable": true}, {"criteria": "cpe:2.3:a:safenet:sentinel_protection_server:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "AF9F0AF6-18BC-45F9-8D11-982BA9BB7FFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:safenet:sentinel_protection_server:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "BCDE352B-1D4E-4EB9-9669-D62670FE45E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:safenet:sentinel_protection_server:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "DCE6B275-B786-4BB2-97AA-B7918C30F301", "vulnerable": true}, {"criteria": "cpe:2.3:a:safenet:sentinel_protection_server:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "17DBD0D0-57A9-4381-BE18-01D2E4FD97B6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en SafeNet Sentinel Protection Server 7.0.0 hasta 7.4.0 y versiones anteriores, y Sentinel Keys Server 1.0.3 y posiblemente versiones anteriores, permite a atacantes remotos leer ficheros de su elecci\u00f3n mediante un .. (punto punto) en la cadena de consulta."}], "id": "CVE-2007-6483", "lastModified": "2018-10-15T21:54:33.507", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-12-20T20:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27811"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3471"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/484201/100/200/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/484224/100/200/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/26583"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securitytracker.com/id?1018992"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/4011"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38636"}, {"source": "cve@mitre.org", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}