CVE-2007-5194 Information

Description

The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port which might allow local users to gain root privileges.

Reference

http://secunia.com/advisories/27030 http://www.securityfocus.com/archive/1/481395/100/0/threaded http://www.securityfocus.com/bid/25899 https://bugs.gentoo.org/show_bug.cgi?id=194550 https://issues.rpath.com/browse/RMK-634