VYPR
Unrated severityNVD Advisory· Published Nov 4, 2019· Updated Aug 8, 2024

CVE-2005-4890

CVE-2005-4890

Description

There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Range: >=1.0, <1.7.4
  • W Shadow/Shadowllm-fuzzy
    Range: >=4.0, <4.1.5
  • Red Hat/shadowv5
    Range: 4.x before 4.1.5
  • Red Hat/sudov5
    Range: 1.x before 1.7.4

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.