Vulnerability Details CVE-2007-0536
The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 9.1%
CVSS Severity
CVSS v2 Score 7.2
References
- http://lists.rpath.com/pipermail/security-announce/2007-January/000137.html
- http://osvdb.org/32972
- http://secunia.com/advisories/23922
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31942
- https://issues.rpath.com/browse/RPL-987
- http://lists.rpath.com/pipermail/security-announce/2007-January/000137.html
- http://osvdb.org/32972
- http://secunia.com/advisories/23922
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31942
- https://issues.rpath.com/browse/RPL-987
Products affected by CVE-2007-0536
-
cpe:2.3:o:rpath:rpath_linux:1