Computer Security
[EN] securityvulns.ru no-pyccku


Plash sandbox protection bypass
Published:12.03.2007
Source:
SecurityVulns ID:7394
Type:remote
Threat Level:
5/10
Description:It's possible to execute any command via /dev/tty device.
CVE:CVE-2007-1400 (Plash permits sandboxed processes to open /dev/tty, which allows local users to escape sandbox restrictions and execute arbitrary commands by sending characters to a shell process on the same termimal via the TIOCSTI ioctl.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod