CVE-2007-5194

Name of the Vulnerable Software and Affected Versions rMake version 1.0.11

Description The issue concerns the Chroot server in rMake, which creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port. This might allow local users to gain root privileges.

Recommendations For rMake version 1.0.11, consider restricting access to the /dev/zero device file to prevent local users from exploiting this issue. As a temporary workaround, review and adjust the permissions of the /dev/zero device file to minimize the risk of exploitation.