SafenetCVEs & Vulnerabilities

8 CVEs affecting Safenet products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

sentinel protection server 6softremote vpn client 5sentinel keys server 2safenet highassurance remote 2sentinel license manager 1highassurance remote 1ipsecdrv.sys 1
CVE-2008-5121HIGHpoc

dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface.

18 Nov 2008
7.2
CVSS
CVE-2008-0760MEDIUMpoc

Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483.

13 Feb 2008
5.0
CVSS
CVE-2008-0573HIGHpoc

IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRV_IOCTL IOCTL request.

5 Feb 2008
7.2
CVSS
CVE-2007-6483MEDIUMpoc

Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string.

20 Dec 2007
5.0
CVSS
CVE-2007-3157MEDIUMpoc

IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec.

12 Jun 2007
5.0
CVSS
CVE-2005-0346LOW

SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process.

2 May 2005
2.1
CVSS
CVE-2005-0353CRITICALpoc

Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093.

2 May 2005
10.0
CVSS
CVE-2002-2225MEDIUM

SafeNet VPN client allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly involving buffer overflows using (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload.

31 Dec 2002
5.1
CVSS
← PrevPage 1 / 1Next →