CVE-2008-0760

SafeNet Sentinel Protection Server < 7.4.1 and Sentinel Keys Server < 1.0.4.0 - Path Traversal via URI

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0760. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in Sentinel Protection Server and Keys Server. By sending a crafted HTTP GET request, an attacker can access sensitive files outside the intended directory, such as boot.ini.

Description

Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · textremotewindows

https://www.exploit-db.com/exploits/31149

View Code ZIP pw:eip

This exploit demonstrates a directory traversal vulnerability in Sentinel Protection Server and Keys Server. By sending a crafted HTTP GET request, an attacker can access sensitive files outside the intended directory, such as boot.ini.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Sentinel Protection Server 7.4.1.0, Keys Server 1.0.4

No auth needed

Prerequisites: Network access to the vulnerable server

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/27735

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/487954/100/0/threaded

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/3646

Exploit x_refsource_misc

http://aluigi.altervista.org/adv/sentinella-adv.txt

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/28863

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/0499

Scores

EPSS 0.0561

EPSS Percentile 90.4%

Details

CWE

CWE-22

Status published

Products (2)

safenet/sentinel_keys_server < 1.0.4.0

safenet/sentinel_protection_server < 7.4.1

Published Feb 13, 2008

Tracked Since Feb 18, 2026