CVE-2017-6553

Published: Apr 29, 2017Modified: May 13, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory corruption in the pmmasterd daemon.

Affected (1)

Products: Quest: Privilege Manager For Unix

Quest

1 product

Privilege Manager For Unix

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Quest Privilege Manager For Unix	Up to 6.0.0-50

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (6)

https://0xdeadface.wordpress.com/2017/04/07/multiple-vulnerabilities-in-quest-privilege-manager-6-0-0-xx-cve-2017-6553-cve-2017-6554/

Source: cve@mitre.org

Third Party Advisory

https://support.oneidentity.com/privilege-manager-for-unix/kb/SOL133824

Source: cve@mitre.org

PatchVendor Advisory

https://www.exploit-db.com/exploits/42010/

Source: cve@mitre.org

https://0xdeadface.wordpress.com/2017/04/07/multiple-vulnerabilities-in-quest-privilege-manager-6-0-0-xx-cve-2017-6553-cve-2017-6554/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://support.oneidentity.com/privilege-manager-for-unix/kb/SOL133824

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.exploit-db.com/exploits/42010/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.