Arbitrary Code Execution via ACT_NEWFILESENT Action in Quest Privilege Manager
CVE-2017-6554 · HIGH Severity
AV:N/AC:L/AU:S/C:C/I:C/A:C
pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action.
Learn more about our Cis Benchmark Audit For Server Software.