Code injection

2007-10-0417:17:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges.

CPENameOperatorVersion
rmakeeq1.0.11

CPE	Name	Operator	Version
	rmake	eq	1.0.11

References

secunia.com/advisories/27030

www.securityfocus.com/archive/1/481395/100/0/threaded

www.securityfocus.com/bid/25899

bugs.gentoo.org/show_bug.cgi?id=194550

issues.rpath.com/browse/RMK-634