Virtualization Technology News and Information
Article
Search:
RSS
Follow VMblog.com:
Improve end user experience in VDI, DaaS and physical endpoint environments
rPath rMake Local Privilege Escalation Vulnerability

Secunia Advisory reports:

A vulnerability has been reported in rPath rMake, which can be exploited by malicious, local users to cause a Denial of Service (DoS) or potentially to gain escalated privileges.

The vulnerability is caused due to the rMake build tool incorrectly creating the device name "/dev/zero" with the device numbers of the "/dev/port" device. This can be exploited to gain read-write access to "/dev/port".

The vulnerability is reported in version 1.0.11. Prior versions may also be affected.

Update to:

rmake=/conary.rpath.com@rpl:devel//1/1.0.11.1-2-0.1

rmake-proxy=/conary.rpath.com@rpl:devel//1/1.0.11.1-2-0.1

rmake-repos=/conary.rpath.com@rpl:devel//1/1.0.11.1-2-0.1

You can check it out from Secunia, here.

Published Wednesday, October 03, 2007 10:09 PM by David Marshall
Filed under:
Get This Featured White Paper: VMware Backup For Dummies
You may also be interested in this white paper: Developing a Comprehensive Windows Application Strategy with Liquidware Essentials
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
DTX-Europe
devslam
connected-britain
total-telecom
ContainerDays2023
GISEC
vExpert
Calendar
<October 2007>
SuMoTuWeThFrSa
30123456
78910111213
14151617181920
21222324252627
28293031123
45678910