CVE-2008-1845
NONE EPSS 25.1%
Published Apr 16, 200818y ago · Modified Jun 16, 20262w ago
Published Apr 16, 2008 18y ago
Last Modified Jun 16, 2026 2w ago
Description
The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not flush the tty's I/O when invoking mksh in a new terminal, which allows local users to gain privileges by opening a virtual terminal and entering command sequences, which might later be executed in opportunistic circumstances by a different user who launches mksh and specifies that terminal with the -T option.
Threat Intelligence
EPSS Exploit Probability
25.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Affected Products 3
References 5
- secunia.com http://secunia.com/advisories/29803
- mirbsd.org http://www.mirbsd.org/mksh.htm#clog
- osvdb.org http://www.osvdb.org/44365
- securityfocus.com http://www.securityfocus.com/bid/28768
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/41794
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.