Back to search
CVE-2007-1400
Published: Mar 10, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Plash permits sandboxed processes to open /dev/tty, which allows local users to escape sandbox restrictions and execute arbitrary commands by sending characters to a shell process on the same termimal via the TIOCSTI ioctl.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://plash.beasts.org/wiki/PlashIssues/TtyVulnerability
x_refsource_CONFIRM
22892
vdb-entry
x_refsource_BID
24498
third-party-advisory
x_refsource_SECUNIA
ADV-2007-0909
vdb-entry
x_refsource_VUPEN
32598
vdb-entry
x_refsource_OSVDB
[plash] 20070301 TTY ioctl() vulnerability
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now