|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 3471 CVE : CVE-2007-6483 SecurityRisk : Medium  (About) Remote Exploit : Yes Local Exploit : No Exploit Available : No Credit : Corey Lebleu Published : 21.12.2007
Advisory Content : Title ----- Sentinel Protection Server Directory Traversal Severity -------- High Date Discovered --------------- October 10th, 2007 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Corey Lebleu Vulnerability Description ------------------------- A classic directory traversal condition exists within the Sentinel Protection Server. By sending in an HTTP GET request with a path of a file proceeded by and escaped traversal sequence, an attacker can leverage an arbitrary file access condition on the affected system. Solution Description -------------------- Digital Defense, Inc. initially notified SafeNet on October 12, 2007 and received confirmation from the notification on October 30, 2007. SafeNet informed DDI that it would be releasing a patch for this flaw on November 16, 2007. At this time, DDI does not have a resolution number for the SafeNet patch for this flaw. Tested Systems / Software (with versions) ----------------------------------------- Sentinel Protection Server 7.1 Other versions may be vulnerable to this flaw. Vendor Contact -------------- SafeNet http://www.safenet-inc.com/  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |