SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal

EDB-ID:

30809




Platform:

Windows

Date:

2007-11-26


source: https://www.securityfocus.com/bid/26583/info

Sentinel Protection Server and Keys Server are prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue may allow an attacker to access sensitive information that could aid in further attacks.

This issue affects Protection Server 7.0.0 through 7.4.0, and Keys Server 1.0.3; earlier versions may also be vulnerable. 

http://www.example.com:6002/../../../../../../boot.ini
http://www.example.com:7002/../../../../../../winnt/repair/sam