Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1845

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-1845
Last Modified 05 Sep 2008 12:00:00
Published 16 Apr 2008 01:05:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-1845

Summary

The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not flush the tty's I/O when invoking mksh in a new terminal, which allows local users to gain privileges by opening a virtual terminal and entering command sequences, which might later be executed in opportunistic circumstances by a different user who launches mksh and specifies that terminal with the -T option.

Vulnerable Systems

Operating System

  • Mirbsd Miros 33


References

XF - mirbsd-tty-privilege-escalation(41794)

BID - 28768

OSVDB - 44365

CONFIRM - http://www.mirbsd.org/mksh.htm#clog

SECUNIA - 29803


Last Updated: 27 May 2016 10:47:40