CVE-2005-4890

CWE-20 — Improper Input Validation8 documents7 sources

Severity

7.8HIGH

EPSS

0.1%

top 66.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Shadow Sudo Project Sudo RED HAT Shadow +3 more

Timeline

PublishedNov 4

Latest updateApr 21

Description

There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages6 packages

▶Debiansudo< 1.7.4p4+3

▶Debianshadow< 1:4.1.5-1+3

▶NVDdebian/shadow4.0.0 — 4.1.5

▶NVDsudo_project/sudo1.3.0 — 1.7.4

▶CVEListV5red_hat/sudo1.x before 1.7.4

Also affects: Debian Linux 10.0, 8.0, 9.0, Enterprise Linux 4, 5, 6.0

🔴Vulnerability Details

GHSA

GHSA-3p48-pw9r-4325: There is a possible tty hijacking in shadow 4↗2022-04-21

▶

CVEList

CVE-2005-4890: There is a possible tty hijacking in shadow 4↗2019-11-04

▶

OSV

CVE-2005-4890: There is a possible tty hijacking in shadow 4↗2019-11-04

▶

📋Vendor Advisories

Debian

CVE-2005-4890: shadow - There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before...↗2005

▶

Red Hat

coreutils: tty hijacking possible in "su" via TIOCSTI ioctl↗2004-07-26

▶

💬Community

Bugzilla

pkexec tty hijacking via TIOCSTI ioctl↗2016-01-19

▶

Bugzilla

CVE-2005-4890 coreutils: tty hijacking possible in "su" via TIOCSTI ioctl↗2011-06-02

▶