PT-2008-1476 · Openpegasus · Openpegasus Cim Management Server

Published: 2008-01-08 · Updated: 2018-10-30 · CVE-2007-5360

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

OpenPegasus Management server versions 3.0.1 through 3.0.2

Description

A buffer overflow issue exists in the OpenPegasus Management server, specifically when it is compiled to use PAM and has PEGASUS_USE_PAM_STANDALONE_PROC defined. This could potentially allow remote attackers to execute arbitrary code through vectors related to PAM authentication.

Recommendations

For versions 3.0.1 and 3.0.2, consider disabling PAM authentication or restricting access to the PAM module until a patch is available. As a temporary workaround, restrict the use of the PEGASUS_USE_PAM_STANDALONE_PROC definition to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2007-5360

Affected Products

Openpegasus Cim Management Server