FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mksh -- TTY attachment privilege escalation

Affected packages
mksh < R33d

Details

VuXML ID 86c05550-12c1-11dd-bab7-0016179b2dd5
Discovery 2008-04-14
Entry 2008-04-25

Secunia reports:

The vulnerability is caused due to an error when attaching to a TTY via the -T command line switch. This can be exploited to execute arbitrary commands with the privileges of the user running mksh via characters previously written to the attached virtual console.

[source]

References

CVE Name CVE-2008-1845
URL http://secunia.com/advisories/29803/
URL http://www.mirbsd.org/mksh.htm#clog

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.