CVE-2008-1845
Publication date 16 April 2008
Last updated 24 July 2024
Ubuntu priority
The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not flush the tty’s I/O when invoking mksh in a new terminal, which allows local users to gain privileges by opening a virtual terminal and entering command sequences, which might later be executed in opportunistic circumstances by a different user who launches mksh and specifies that terminal with the -T option.
Status
Package | Ubuntu Release | Status |
---|---|---|
mksh | 11.10 oneiric |
Not affected
|
11.04 natty |
Not affected
|
|
10.10 maverick |
Not affected
|
|
10.04 LTS lucid |
Not affected
|
|
9.10 karmic |
Not affected
|
|
9.04 jaunty |
Not affected
|
|
8.10 intrepid |
Not affected
|
|
8.04 LTS hardy | Ignored end of life | |
7.10 gutsy | Ignored end of life, was needed | |
7.04 feisty | Ignored end of life, was needed | |
6.06 LTS dapper | Ignored end of life |