MidnightBSD

Advisories for sentinel

CVE-2017-12818 MEDIUM

Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
sentinel sentinel_ldk_rte_firmware *
CVE-2017-12819 HIGH

Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
sentinel sentinel_ldk_rte_firmware *
CVE-2017-12820 MEDIUM

Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
sentinel sentinel_ldk_rte_firmware *
CVE-2017-12821 HIGH

Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 might cause remote code execution.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
sentinel sentinel_ldk_rte_firmware *
CVE-2017-12822 HIGH

Remote enabling and disabling admin interface in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to new attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-306,

Products Affected

Vendor Product Version
sentinel sentinel_ldk_rte_firmware *