Vulnerability Description
Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory corruption in the pmmasterd daemon.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Quest | Privilege Manager For Unix | <= 6.0.0-50 |
Related Weaknesses (CWE)
References
- https://0xdeadface.wordpress.com/2017/04/07/multiple-vulnerabilities-in-quest-pr (Third Party Advisory)
- https://support.oneidentity.com/privilege-manager-for-unix/kb/SOL133824 (Patch, Vendor Advisory)
- https://www.exploit-db.com/exploits/42010/
FAQ
What is CVE-2017-6553?
CVE-2017-6553 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory c...
How severe is CVE-2017-6553?
CVE-2017-6553 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-6553?
Check the references section above for vendor advisories and patch information. Affected products include: Quest Privilege Manager For Unix.