Unrated severityNVD Advisory· Published Apr 16, 2008· Updated Apr 23, 2026

CVE-2008-1845

Description

The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not flush the tty's I/O when invoking mksh in a new terminal, which allows local users to gain privileges by opening a virtual terminal and entering command sequences, which might later be executed in opportunistic circumstances by a different user who launches mksh and specifies that terminal with the -T option.

Affected products

Mirbsd/Miros3 versions
cpe:2.3:o:mirbsd:miros:33:a:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:mirbsd:miros:33:a:*:*:*:*:*:*
- cpe:2.3:o:mirbsd:miros:33:b:*:*:*:*:*:*
- cpe:2.3:o:mirbsd:miros:*:c:*:*:*:*:*:*range: <=33

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/29803nvdVendor Advisory
www.mirbsd.org/mksh.htmnvd
www.osvdb.org/44365nvd
www.securityfocus.com/bid/28768nvd
exchange.xforce.ibmcloud.com/vulnerabilities/41794nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000