Vulnerability Description
The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not flush the tty's I/O when invoking mksh in a new terminal, which allows local users to gain privileges by opening a virtual terminal and entering command sequences, which might later be executed in opportunistic circumstances by a different user who launches mksh and specifies that terminal with the -T option.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mirbsd | Miros | <= 33 |
References
- http://secunia.com/advisories/29803Vendor Advisory
- http://www.mirbsd.org/mksh.htm#clog
- http://www.osvdb.org/44365
- http://www.securityfocus.com/bid/28768
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41794
- http://secunia.com/advisories/29803Vendor Advisory
- http://www.mirbsd.org/mksh.htm#clog
- http://www.osvdb.org/44365
- http://www.securityfocus.com/bid/28768
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41794
FAQ
What is CVE-2008-1845?
CVE-2008-1845 is a vulnerability with a CVSS score of 7.2 (HIGH). The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not flush the tty's I/O when invoking mksh in a new terminal, which allows local users to gain privileges by opening a virtual terminal...
How severe is CVE-2008-1845?
CVE-2008-1845 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1845?
Check the references section above for vendor advisories and patch information. Affected products include: Mirbsd Miros.