mksh -- TTY attachment privilege escalation

2008-04-14T00:00:00
ID 86C05550-12C1-11DD-BAB7-0016179B2DD5
Type freebsd
Reporter FreeBSD
Modified 2008-04-14T00:00:00

Description

Secunia reports:

The vulnerability is caused due to an error when attaching to a TTY via the -T command line switch. This can be exploited to execute arbitrary commands with the privileges of the user running mksh via characters previously written to the attached virtual console.