Plash permits sandboxed processes to open /dev/tty, which allows local users to escape sandbox restrictions and execute arbitrary commands by sending characters to a shell process on the same termimal via the TIOCSTI ioctl.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-03-10
Updated
2011-03-08
1 vulnerabilities found