cpe:/a:quest:privilege_manager:6.0.0-27 cpe:/a:quest:privilege_manager:6.0.0-50 CVE-2017-6554 2017-04-14T14:59:00.937-04:00 2019-10-02T20:03:26.223-04:00 9.0 NETWORK LOW SINGLE_INSTANCE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov EXPLOIT-DB 41861 BID 97686 MISC http://packetstormsecurity.com/files/142095/Quest-Privilege-Manager-6.0.0-Arbitrary-File-Write.html MISC https://0xdeadface.wordpress.com/2017/04/07/multiple-vulnerabilities-in-quest-privilege-manager-6-0-0-xx-cve-2017-6553-cve-2017-6554/ CONFIRM https://support.oneidentity.com/privilege-manager-for-unix/kb/SOL133824 pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action.