CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
5.1%
The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not flush
the tty’s I/O when invoking mksh in a new terminal, which allows local
users to gain privileges by opening a virtual terminal and entering command
sequences, which might later be executed in opportunistic circumstances by
a different user who launches mksh and specifies that terminal with the -T
option.