CVE-2007-5194

Sažetak

The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges.

Reference

http://secunia.com/advisories/27030
http://www.securityfocus.com/archive/1/481395/100/0/threaded
http://www.securityfocus.com/bid/25899
https://bugs.gentoo.org/show_bug.cgi?id=194550
https://issues.rpath.com/browse/RMK-634

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

15-10-2018 - 21:41

Objavljeno

04-10-2007 - 17:17