Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5194

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2007-5194
Last Modified 05 Sep 2008 05:30:07
Published 04 Oct 2007 01:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5194

Summary

The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges.

Vulnerable Systems

Application

  • Rpath Rmake 1.0.11


References

CONFIRM - https://issues.rpath.com/browse/RMK-634

BID - 25899

BUGTRAQ - 20071002 rPSA-2007-0203-1 rmake rmake-proxy rmake-repos

SECUNIA - 27030


Last Updated: 27 May 2016 10:46:06