CVE-2007-0536

Published: Jan 27, 2007Modified: Apr 23, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges.

Affected (1)

Products: Rpath: Rpath Linux

Rpath

1 product

Rpath Linux

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Rpath Rpath Linux	Version 1

References (10)

http://lists.rpath.com/pipermail/security-announce/2007-January/000137.html

Source: cve@mitre.org

http://osvdb.org/32972

Source: cve@mitre.org

http://secunia.com/advisories/23922

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/31942

Source: cve@mitre.org

https://issues.rpath.com/browse/RPL-987

Source: cve@mitre.org

http://lists.rpath.com/pipermail/security-announce/2007-January/000137.html