14 matches found
EUVD-2007-5175
Malware in sbrugna...
EUVD-2007-0534
Malware in sbrugna...
Code injection
The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges...
CVE-2007-5194
The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges...
CVE-2007-5194
The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges...
CVE-2007-5194
The CVE-2007-5194 entry concerns the Chroot server in rMake 1.0.11. A local-priority issue arises because it creates a /dev/zero device file with read/write permissions for the rMake user and shares the minor device number with /dev/port, enabling potential local privilege escalation to root. The...
rPSA-2007-0203-1 rmake rmake-proxy rmake-repos
rPath Security Advisory: 2007-0203-1 Published: 2007-10-02 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Local Root Deterministic Privilege Escalation Updated Versions: rmake=/conary.rpath.com@rpl:devel//1/1.0.11.1-2-0.1...
rPath Linux rMake multiple security vulneraiblities
No description provided...
CVE-2007-0557
rMake before 1.0.4 drops root privileges in a way that retains the original supplemental groups, which might allow attackers to gain privileges via a crafted recipe file, a different vulnerability than CVE-2007-0536...
CVE-2007-0557
CVE-2007-0557 involves rMake prior to version 1.0.4. The description indicates a design/logic flaw where the chroot helper does not correctly drop supplemental groups, potentially allowing local privilege escalation via a crafted recipe file. The available documents attribute the issue to rMake b...
Design/Logic Flaw
The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges...
CVE-2007-0536
The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges...
CVE-2007-0536
The CVE-2007-0536 issue affects rPath Linux 1: the rMake chroot helper fails to drop supplemental groups, causing packages to be installed with insecure permissions and potentially enabling local privilege escalation. Root cause: missing drop of supplemental groups in the chroot helper. Impact: l...
CVE-2007-0536
The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges...