Vulnerabilites related to midnight_commander - midnight_commander
Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."
References
cve@mitre.orghttp://secunia.com/advisories/13863/Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-512.html
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18905
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/13863/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-512.html
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18905
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
turbolinux turbolinux_server 7.0
turbolinux turbolinux_server 8.0
turbolinux turbolinux_workstation 7.0
turbolinux turbolinux_workstation 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BE1B4B-FFDA-43B7-A0DB-FF0DB2BF7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via \"use of already freed memory.\""
    }
  ],
  "id": "CVE-2004-1093",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18905"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."
References
cve@mitre.orghttp://secunia.com/advisories/13863/Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-512.html
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18907
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/13863/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-512.html
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18907
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
turbolinux turbolinux_server 7.0
turbolinux turbolinux_server 8.0
turbolinux turbolinux_workstation 7.0
turbolinux turbolinux_workstation 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BE1B4B-FFDA-43B7-A0DB-FF0DB2BF7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via \"a corrupt section header.\""
    },
    {
      "lang": "es",
      "value": "Midnight Commander (mc) 4.5.55 y versiones anteriores, permiten a atacantes remotos causar la Denegaci\u00f3n de Servicio (DoS) mediante una secci\u00f3n corrupta de la cabecera."
    }
  ],
  "id": "CVE-2004-1090",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18907"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-01-20 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.
References
cve@mitre.orgftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-014.0.txt
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
cve@mitre.orghttp://archive.cert.uni-stuttgart.de/bugtraq/2003/09/msg00309.html
cve@mitre.orghttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000833
cve@mitre.orghttp://fedoranews.org/updates/FEDORA-2004-058.shtml
cve@mitre.orghttp://marc.info/?l=bugtraq&m=108118433222764&w=2
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2004-034.html
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2004-035.html
cve@mitre.orghttp://secunia.com/advisories/10645
cve@mitre.orghttp://secunia.com/advisories/10685
cve@mitre.orghttp://secunia.com/advisories/10716
cve@mitre.orghttp://secunia.com/advisories/10772
cve@mitre.orghttp://secunia.com/advisories/10823
cve@mitre.orghttp://secunia.com/advisories/11219
cve@mitre.orghttp://secunia.com/advisories/11262
cve@mitre.orghttp://secunia.com/advisories/11268
cve@mitre.orghttp://secunia.com/advisories/11296
cve@mitre.orghttp://secunia.com/advisories/9833
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200403-09.xmlVendor Advisory
cve@mitre.orghttp://www.debian.org/security/2004/dsa-424
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2004:007
cve@mitre.orghttp://www.redhat.com/archives/fedora-legacy-announce/2004-May/msg00002.html
cve@mitre.orghttp://www.securityfocus.com/bid/8658Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/13247
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A822
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-014.0.txt
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
af854a3a-2127-422b-91ae-364da2661108http://archive.cert.uni-stuttgart.de/bugtraq/2003/09/msg00309.html
af854a3a-2127-422b-91ae-364da2661108http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000833
af854a3a-2127-422b-91ae-364da2661108http://fedoranews.org/updates/FEDORA-2004-058.shtml
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=108118433222764&w=2
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2004-034.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2004-035.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10645
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10685
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10716
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10772
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/10823
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/11219
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/11262
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/11268
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/11296
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/9833
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200403-09.xmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2004/dsa-424
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2004:007
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-legacy-announce/2004-May/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/8658Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/13247
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A822
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en la pila en vfs_s_resolve_symlink de vfs/direntry.c en Midnight Commander (mc) 4.6.0 y anteriores, y posiblemente otras versiones permite a atacantes remotos ejecutar c\u00f3digo arbitrario durante una conversi\u00f3n de enlaces simb\u00f3licos (symlink)."
    }
  ],
  "id": "CVE-2003-1023",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-01-20T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-014.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archive.cert.uni-stuttgart.de/bugtraq/2003/09/msg00309.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000833"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://fedoranews.org/updates/FEDORA-2004-058.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=108118433222764\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2004-034.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2004-035.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10645"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10685"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10716"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10772"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/10823"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/11219"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/11262"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/11268"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/11296"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/9833"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200403-09.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-424"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:007"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2004-May/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/8658"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13247"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A822"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-014.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archive.cert.uni-stuttgart.de/bugtraq/2003/09/msg00309.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000833"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/updates/FEDORA-2004-058.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=108118433222764\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2004-034.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2004-035.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10716"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10772"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/10823"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/11219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/11262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/11268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/11296"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/9833"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200403-09.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-424"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:007"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2004-May/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/8658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13247"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A822"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."
References
cve@mitre.orghttp://secunia.com/advisories/13863/Patch, Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1012903
cve@mitre.orghttp://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-512.html
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18909
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/13863/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1012903
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-512.html
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18909
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
turbolinux turbolinux_server 7.0
turbolinux turbolinux_server 8.0
turbolinux turbolinux_workstation 7.0
turbolinux turbolinux_workstation 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BE1B4B-FFDA-43B7-A0DB-FF0DB2BF7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by \"manipulating non-existing file handles.\""
    }
  ],
  "id": "CVE-2004-1174",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1012903"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18909"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1012903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18909"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2001-11-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted text file.
References
cve@mitre.orghttp://www.kb.cert.org/vuls/id/203203US Government Resource
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/10630
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/203203US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/10630
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F767927-D2B8-447B-834B-38EC1DC9D9D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted text file."
    }
  ],
  "id": "CVE-2001-1429",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-11-12T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/203203"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10630"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/203203"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10630"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
References
cve@mitre.orghttp://secunia.com/advisories/13863/Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2005/dsa-639
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200502-24.xml
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-217.htmlPatch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18898
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/13863/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-639
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-217.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18898
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
turbolinux turbolinux_server 7.0
turbolinux turbolinux_server 8.0
turbolinux turbolinux_workstation 7.0
turbolinux turbolinux_workstation 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BE1B4B-FFDA-43B7-A0DB-FF0DB2BF7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer en Midnight Commander (mc) 4.5.55 y versiones anteriores, permiten a atacantes remotos ejecutar acciones de impacto desconocido."
    }
  ],
  "id": "CVE-2004-1005",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18898"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
References
security@debian.orghttp://www.debian.org/security/2005/dsa-698Patch, Vendor Advisory
security@debian.orghttp://www.redhat.com/support/errata/RHSA-2005-512.html
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-698Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-512.html
Impacted products
Vendor Product Version
midnight_commander midnight_commander *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "497B17B3-2CEE-4158-9E13-60C3DF878CE9",
              "versionEndIncluding": "4.5.55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code."
    }
  ],
  "id": "CVE-2005-0763",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-05-02T04:00:00.000",
  "references": [
    {
      "source": "security@debian.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-698"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-698"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    }
  ],
  "sourceIdentifier": "security@debian.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/bugtraq/2000-11/0192.html
cve@mitre.orghttp://www.debian.org/security/2000/20001125Patch, Vendor Advisory
cve@mitre.orghttp://www.linux-mandrake.com/en/security/MDKSA-2000-078.php3
cve@mitre.orghttp://www.securityfocus.com/bid/1945Exploit, Patch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/5519
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2000-11/0192.html
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2000/20001125Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.linux-mandrake.com/en/security/MDKSA-2000-078.php3
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/1945Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/5519
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.42


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument."
    }
  ],
  "id": "CVE-2000-1108",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-01-09T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0192.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2000/20001125"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-078.php3"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/1945"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5519"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0192.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2000/20001125"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-078.php3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/1945"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5519"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
1999-08-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.
References
cve@mitre.orghttp://marc.info/?l=bugtraq&m=93370073207984&w=2
cve@mitre.orghttp://www.iss.net/security_center/static/9873.php
cve@mitre.orghttp://www.osvdb.org/5921
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=93370073207984&w=2
af854a3a-2127-422b-91ae-364da2661108http://www.iss.net/security_center/static/9873.php
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/5921
Impacted products
Vendor Product Version
midnight_commander midnight_commander *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24D76D39-F002-44B5-857D-3E6B158AD541",
              "versionEndIncluding": "4.5.11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges."
    }
  ],
  "id": "CVE-1999-1337",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "1999-08-01T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=93370073207984\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.iss.net/security_center/static/9873.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/5921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=93370073207984\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.iss.net/security_center/static/9873.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/5921"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/bugtraq/2000-11/0373.htmlVendor Advisory
cve@mitre.orghttp://www.debian.org/security/2001/dsa-036
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2001_011_mc.html
cve@mitre.orghttp://www.securityfocus.com/bid/2016Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/5929
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2000-11/0373.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2001/dsa-036
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2001_011_mc.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/2016Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/5929
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed."
    }
  ],
  "id": "CVE-2000-1109",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-01-09T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0373.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2001/dsa-036"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2001_011_mc.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/2016"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0373.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2001/dsa-036"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2001_011_mc.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/2016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5929"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
References
cve@mitre.orghttp://secunia.com/advisories/13863Patch, Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1012903
cve@mitre.orghttp://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200502-24.xml
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-217.html
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18911
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/13863Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1012903
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-217.html
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18911
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
turbolinux turbolinux_server 7.0
turbolinux turbolinux_server 8.0
turbolinux turbolinux_workstation 7.0
turbolinux turbolinux_workstation 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BE1B4B-FFDA-43B7-A0DB-FF0DB2BF7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code."
    }
  ],
  "id": "CVE-2004-1176",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1012903"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1012903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18911"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
References
cve@mitre.orghttp://secunia.com/advisories/13863/Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2005/dsa-639
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200502-24.xml
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-217.htmlPatch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18902
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/13863/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-639
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-217.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18902
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
turbolinux turbolinux_server 7.0
turbolinux turbolinux_server 8.0
turbolinux turbolinux_workstation 7.0
turbolinux turbolinux_workstation 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BE1B4B-FFDA-43B7-A0DB-FF0DB2BF7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de cadena de formato en Midnight Commander (mc) 4.5.55 y versiones anteriores, permiten a atacantes remotos ejecutar acciones de impacto desconocido."
    }
  ],
  "id": "CVE-2004-1004",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18902"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
References
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200405-21.xml
cve@mitre.orghttp://www.debian.org/security/2004/dsa-497
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2004:039
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2004_12_mc.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2004-172.htmlPatch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/16016
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200405-21.xml
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2004/dsa-497
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2004:039
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2004_12_mc.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2004-172.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/16016
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
sgi propack 2.3
sgi propack 2.4
gentoo linux 0.5
gentoo linux 0.7
gentoo linux 1.1a
gentoo linux 1.2
gentoo linux 1.4
gentoo linux 1.4
gentoo linux 1.4
gentoo linux 1.4
slackware slackware_linux *
slackware slackware_linux 9.0
slackware slackware_linux 9.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer en Midnight Commander (mc) anteriores a 4.6.0 pueden permitir a atacantes causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo arbitrario."
    }
  ],
  "id": "CVE-2004-0226",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-08-18T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-497"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-497"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
References
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200405-21.xml
cve@mitre.orghttp://www.debian.org/security/2004/dsa-497
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2004:039
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2004_12_mc.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2004-172.html
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/16021
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200405-21.xml
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2004/dsa-497
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2004:039
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2004_12_mc.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2004-172.html
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/16021
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
sgi propack 2.3
sgi propack 2.4
gentoo linux 0.5
gentoo linux 0.7
gentoo linux 1.1a
gentoo linux 1.2
gentoo linux 1.4
gentoo linux 1.4
gentoo linux 1.4
gentoo linux 1.4
slackware slackware_linux *
slackware slackware_linux 9.0
slackware slackware_linux 9.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "M\u00fatiples vulnerabilidades de cadena de formato en Midnight Commander (mc) anteriores a 4.6.0 pueden permitir a atacantes causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo de su elecci\u00f3n."
    }
  ],
  "id": "CVE-2004-0232",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-08-18T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-497"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-497"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.
References
cve@mitre.orghttp://secunia.com/advisories/13863Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-512.html
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18908
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/13863Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-512.html
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18908
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
turbolinux turbolinux_server 7.0
turbolinux turbolinux_server 8.0
turbolinux turbolinux_workstation 7.0
turbolinux turbolinux_workstation 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BE1B4B-FFDA-43B7-A0DB-FF0DB2BF7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference."
    },
    {
      "lang": "es",
      "value": "Midnight Commander (mc) 4.5.55 y versiones anteriores, permiten a atacantes remotos causar la Denegaci\u00f3n de Servicio (DoS) provocando una referencia nula."
    }
  ],
  "id": "CVE-2004-1091",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18908"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.
References
cve@mitre.orghttp://secunia.com/advisories/13863/Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200502-24.xml
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18904
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/13863/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18904
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
turbolinux turbolinux_server 7.0
turbolinux turbolinux_server 8.0
turbolinux turbolinux_workstation 7.0
turbolinux turbolinux_workstation 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BE1B4B-FFDA-43B7-A0DB-FF0DB2BF7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory."
    }
  ],
  "id": "CVE-2004-1092",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18904"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18904"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
References
cve@mitre.orghttp://secunia.com/advisories/13863/Patch, Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1012903
cve@mitre.orghttp://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-512.html
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18906
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/13863/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1012903
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-512.html
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18906
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
turbolinux turbolinux_server 7.0
turbolinux turbolinux_server 8.0
turbolinux turbolinux_workstation 7.0
turbolinux turbolinux_workstation 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BE1B4B-FFDA-43B7-A0DB-FF0DB2BF7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "fish.c in midnight commander allows remote attackers to execute arbitrary programs via \"insecure filename quoting,\" possibly using shell metacharacters."
    }
  ],
  "id": "CVE-2004-1175",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1012903"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18906"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1012903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18906"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
References
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200405-21.xmlVendor Advisory
cve@mitre.orghttp://www.debian.org/security/2004/dsa-497Patch, Vendor Advisory
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2004:039
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2004_12_mc.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2004-172.html
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/16020
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200405-21.xmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2004/dsa-497Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2004:039
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2004_12_mc.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2004-172.html
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/16020
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
sgi propack 2.3
sgi propack 2.4
gentoo linux 0.5
gentoo linux 0.7
gentoo linux 1.1a
gentoo linux 1.2
gentoo linux 1.4
gentoo linux 1.4
gentoo linux 1.4
gentoo linux 1.4
slackware slackware_linux *
slackware slackware_linux 9.0
slackware slackware_linux 9.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to \"Insecure temporary file and directory creations.\""
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en Midnight Commander (mc) anteriores a 4.6.0, con impacto desconocido, relacionadas con \"creaci\u00f3n insegura de ficheros y directorios temporales.\""
    }
  ],
  "id": "CVE-2004-0231",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-08-18T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2004/dsa-497"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2004/dsa-497"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
1999-04-01 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack.
References
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0480
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0480
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBD7E36-FFE4-46FC-89DE-CD7B293A9676",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack."
    }
  ],
  "id": "CVE-1999-0480",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "1999-04-01T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0480"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0480"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
References
cve@mitre.orghttp://secunia.com/advisories/13863/Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-512.html
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18903
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/13863/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-639Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-512.html
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18903
Impacted products
Vendor Product Version
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.43
midnight_commander midnight_commander 4.5.44
midnight_commander midnight_commander 4.5.45
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.5.48
midnight_commander midnight_commander 4.5.49
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.51
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.54
midnight_commander midnight_commander 4.5.55
midnight_commander midnight_commander 4.6
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
debian debian_linux 3.0
gentoo linux *
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat enterprise_linux 2.1
redhat linux_advanced_workstation 2.1
redhat linux_advanced_workstation 2.1
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.2
turbolinux turbolinux_server 7.0
turbolinux turbolinux_server 8.0
turbolinux turbolinux_workstation 7.0
turbolinux turbolinux_workstation 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BE1B4B-FFDA-43B7-A0DB-FF0DB2BF7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors."
    },
    {
      "lang": "es",
      "value": "Midnight Commander (mc) 4.5.55 y versiones anteriores, permiten a atacantes remotos causar la Denegaci\u00f3n de Servicio (DoS) por bucle infinito mediante un ataque desconocido."
    }
  ],
  "id": "CVE-2004-1009",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/13863/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18903"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2004-1091 (GCVE-0-2004-1091)
Vulnerability from cvelistv5
Published
2005-01-22 05:00
Modified
2024-08-08 00:39
Severity ?
CWE
  • n/a
Summary
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/18908 vdb-entry, x_refsource_XF
http://secunia.com/advisories/13863 third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-639 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2005-512.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "midnight-commander-find-dos(18908)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18908"
          },
          {
            "name": "13863",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13863"
          },
          {
            "name": "DSA-639",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-639"
          },
          {
            "name": "RHSA-2005:512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "midnight-commander-find-dos(18908)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18908"
        },
        {
          "name": "13863",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13863"
        },
        {
          "name": "DSA-639",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-639"
        },
        {
          "name": "RHSA-2005:512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1091",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "midnight-commander-find-dos(18908)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18908"
            },
            {
              "name": "13863",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13863"
            },
            {
              "name": "DSA-639",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-639"
            },
            {
              "name": "RHSA-2005:512",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1091",
    "datePublished": "2005-01-22T05:00:00",
    "dateReserved": "2004-11-30T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2000-1109 (GCVE-0-2000-1109)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 05:45
Severity ?
CWE
  • n/a
Summary
Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T05:45:36.508Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "2016",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/2016"
          },
          {
            "name": "20001127 Midnight Commander",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0373.html"
          },
          {
            "name": "SuSE-SA:2001:11",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2001_011_mc.html"
          },
          {
            "name": "midnight-commander-elevate-privileges(5929)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5929"
          },
          {
            "name": "DSA-036",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2001/dsa-036"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2000-11-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-11-02T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "2016",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/2016"
        },
        {
          "name": "20001127 Midnight Commander",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0373.html"
        },
        {
          "name": "SuSE-SA:2001:11",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2001_011_mc.html"
        },
        {
          "name": "midnight-commander-elevate-privileges(5929)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5929"
        },
        {
          "name": "DSA-036",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2001/dsa-036"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2000-1109",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "2016",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/2016"
            },
            {
              "name": "20001127 Midnight Commander",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0373.html"
            },
            {
              "name": "SuSE-SA:2001:11",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2001_011_mc.html"
            },
            {
              "name": "midnight-commander-elevate-privileges(5929)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5929"
            },
            {
              "name": "DSA-036",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2001/dsa-036"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2000-1109",
    "datePublished": "2001-05-07T04:00:00",
    "dateReserved": "2000-12-14T00:00:00",
    "dateUpdated": "2024-08-08T05:45:36.508Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1004 (GCVE-0-2004-1004)
Vulnerability from cvelistv5
Published
2005-01-22 05:00
Modified
2024-08-08 00:38
Severity ?
CWE
  • n/a
Summary
Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
References
http://secunia.com/advisories/13863/ third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/18902 vdb-entry, x_refsource_XF
http://www.redhat.com/support/errata/RHSA-2005-217.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2005/dsa-639 vendor-advisory, x_refsource_DEBIAN
http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml vendor-advisory, x_refsource_GENTOO
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:38:59.668Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "13863",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13863/"
          },
          {
            "name": "midnightcommander-format-string(18902)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18902"
          },
          {
            "name": "RHSA-2005:217",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
          },
          {
            "name": "DSA-639",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-639"
          },
          {
            "name": "GLSA-200502-24",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "13863",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13863/"
        },
        {
          "name": "midnightcommander-format-string(18902)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18902"
        },
        {
          "name": "RHSA-2005:217",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
        },
        {
          "name": "DSA-639",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-639"
        },
        {
          "name": "GLSA-200502-24",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1004",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "13863",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13863/"
            },
            {
              "name": "midnightcommander-format-string(18902)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18902"
            },
            {
              "name": "RHSA-2005:217",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
            },
            {
              "name": "DSA-639",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-639"
            },
            {
              "name": "GLSA-200502-24",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1004",
    "datePublished": "2005-01-22T05:00:00",
    "dateReserved": "2004-11-02T00:00:00",
    "dateUpdated": "2024-08-08T00:38:59.668Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1090 (GCVE-0-2004-1090)
Vulnerability from cvelistv5
Published
2005-01-22 05:00
Modified
2024-08-08 00:39
Severity ?
CWE
  • n/a
Summary
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/18907 vdb-entry, x_refsource_XF
http://secunia.com/advisories/13863/ third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-639 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2005-512.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.811Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "midnight-commander-section-dos(18907)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18907"
          },
          {
            "name": "13863",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13863/"
          },
          {
            "name": "DSA-639",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-639"
          },
          {
            "name": "RHSA-2005:512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via \"a corrupt section header.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "midnight-commander-section-dos(18907)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18907"
        },
        {
          "name": "13863",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13863/"
        },
        {
          "name": "DSA-639",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-639"
        },
        {
          "name": "RHSA-2005:512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1090",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via \"a corrupt section header.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "midnight-commander-section-dos(18907)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18907"
            },
            {
              "name": "13863",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13863/"
            },
            {
              "name": "DSA-639",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-639"
            },
            {
              "name": "RHSA-2005:512",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1090",
    "datePublished": "2005-01-22T05:00:00",
    "dateReserved": "2004-11-30T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.811Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-0226 (GCVE-0-2004-0226)
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
CWE
  • n/a
Summary
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:10:03.623Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SuSE-SA:2004:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
          },
          {
            "name": "GLSA-200405-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
          },
          {
            "name": "midnight-commander-local-privileges(16016)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016"
          },
          {
            "name": "MDKSA-2004:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
          },
          {
            "name": "DSA-497",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-497"
          },
          {
            "name": "RHSA-2004:172",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-04-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SuSE-SA:2004:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
        },
        {
          "name": "GLSA-200405-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
        },
        {
          "name": "midnight-commander-local-privileges(16016)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016"
        },
        {
          "name": "MDKSA-2004:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
        },
        {
          "name": "DSA-497",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-497"
        },
        {
          "name": "RHSA-2004:172",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0226",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SuSE-SA:2004:012",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
            },
            {
              "name": "GLSA-200405-21",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
            },
            {
              "name": "midnight-commander-local-privileges(16016)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016"
            },
            {
              "name": "MDKSA-2004:039",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
            },
            {
              "name": "DSA-497",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-497"
            },
            {
              "name": "RHSA-2004:172",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0226",
    "datePublished": "2004-05-05T04:00:00",
    "dateReserved": "2004-03-17T00:00:00",
    "dateUpdated": "2024-08-08T00:10:03.623Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-1999-0480 (GCVE-0-1999-0480)
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:41
Severity ?
CWE
  • n/a
Summary
Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T16:41:45.414Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0480"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-17T07:39:43",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0480"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-1999-0480",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0480",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0480"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-1999-0480",
    "datePublished": "2000-02-04T05:00:00",
    "dateReserved": "1999-06-07T00:00:00",
    "dateUpdated": "2024-08-01T16:41:45.414Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2000-1108 (GCVE-0-2000-1108)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 05:45
Severity ?
CWE
  • n/a
Summary
cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T05:45:36.955Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20001113 Problems with cons.saver",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0192.html"
          },
          {
            "name": "1945",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/1945"
          },
          {
            "name": "midnight-commander-conssaver-symlink(5519)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5519"
          },
          {
            "name": "MDKSA-2000:078",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-078.php3"
          },
          {
            "name": "20001125 mc: local DoS",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2000/20001125"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2000-11-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-11-02T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20001113 Problems with cons.saver",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0192.html"
        },
        {
          "name": "1945",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/1945"
        },
        {
          "name": "midnight-commander-conssaver-symlink(5519)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5519"
        },
        {
          "name": "MDKSA-2000:078",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-078.php3"
        },
        {
          "name": "20001125 mc: local DoS",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2000/20001125"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2000-1108",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20001113 Problems with cons.saver",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0192.html"
            },
            {
              "name": "1945",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/1945"
            },
            {
              "name": "midnight-commander-conssaver-symlink(5519)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5519"
            },
            {
              "name": "MDKSA-2000:078",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-078.php3"
            },
            {
              "name": "20001125 mc: local DoS",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2000/20001125"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2000-1108",
    "datePublished": "2001-05-07T04:00:00",
    "dateReserved": "2000-12-14T00:00:00",
    "dateUpdated": "2024-08-08T05:45:36.955Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2003-1023 (GCVE-0-2003-1023)
Vulnerability from cvelistv5
Published
2004-01-06 05:00
Modified
2024-08-08 02:12
Severity ?
CWE
  • n/a
Summary
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.
References
http://rhn.redhat.com/errata/RHSA-2004-034.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/10772 third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc vendor-advisory, x_refsource_SGI
http://www.redhat.com/archives/fedora-legacy-announce/2004-May/msg00002.html vendor-advisory, x_refsource_FEDORA
https://exchange.xforce.ibmcloud.com/vulnerabilities/13247 vdb-entry, x_refsource_XF
ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc vendor-advisory, x_refsource_SGI
http://secunia.com/advisories/10716 third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=108118433222764&w=2 mailing-list, x_refsource_BUGTRAQ
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-014.0.txt vendor-advisory, x_refsource_CALDERA
http://fedoranews.org/updates/FEDORA-2004-058.shtml vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/10645 third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2004:007 vendor-advisory, x_refsource_MANDRAKE
http://secunia.com/advisories/10823 third-party-advisory, x_refsource_SECUNIA
http://archive.cert.uni-stuttgart.de/bugtraq/2003/09/msg00309.html mailing-list, x_refsource_BUGTRAQ
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000833 vendor-advisory, x_refsource_CONECTIVA
http://www.securityfocus.com/bid/8658 vdb-entry, x_refsource_BID
http://www.debian.org/security/2004/dsa-424 vendor-advisory, x_refsource_DEBIAN
http://rhn.redhat.com/errata/RHSA-2004-035.html vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/10685 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/11219 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A822 vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/9833 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/11296 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/11268 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/11262 third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200403-09.xml vendor-advisory, x_refsource_GENTOO
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:35.765Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2004:034",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2004-034.html"
          },
          {
            "name": "10772",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10772"
          },
          {
            "name": "20040202-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
          },
          {
            "name": "FLSA:1224",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-legacy-announce/2004-May/msg00002.html"
          },
          {
            "name": "midnight-commander-vfssresolvesymlink-bo(13247)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13247"
          },
          {
            "name": "20040201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
          },
          {
            "name": "10716",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10716"
          },
          {
            "name": "20040405 [OpenPKG-SA-2004.009] OpenPKG Security Advisory (mc)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=108118433222764\u0026w=2"
          },
          {
            "name": "CSSA-2004-014.0",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-014.0.txt"
          },
          {
            "name": "FEDORA-2004-058",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA-2004-058.shtml"
          },
          {
            "name": "10645",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10645"
          },
          {
            "name": "MDKSA-2004:007",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:007"
          },
          {
            "name": "10823",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10823"
          },
          {
            "name": "20030919 uninitialized buffer in midnight commander",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archive.cert.uni-stuttgart.de/bugtraq/2003/09/msg00309.html"
          },
          {
            "name": "CLA-2004:833",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000833"
          },
          {
            "name": "8658",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/8658"
          },
          {
            "name": "DSA-424",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-424"
          },
          {
            "name": "RHSA-2004:035",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2004-035.html"
          },
          {
            "name": "10685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10685"
          },
          {
            "name": "11219",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/11219"
          },
          {
            "name": "oval:org.mitre.oval:def:822",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A822"
          },
          {
            "name": "9833",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/9833"
          },
          {
            "name": "11296",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/11296"
          },
          {
            "name": "11268",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/11268"
          },
          {
            "name": "11262",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/11262"
          },
          {
            "name": "GLSA-200403-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200403-09.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-09-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2004:034",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2004-034.html"
        },
        {
          "name": "10772",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10772"
        },
        {
          "name": "20040202-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
        },
        {
          "name": "FLSA:1224",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-legacy-announce/2004-May/msg00002.html"
        },
        {
          "name": "midnight-commander-vfssresolvesymlink-bo(13247)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13247"
        },
        {
          "name": "20040201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
        },
        {
          "name": "10716",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10716"
        },
        {
          "name": "20040405 [OpenPKG-SA-2004.009] OpenPKG Security Advisory (mc)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=108118433222764\u0026w=2"
        },
        {
          "name": "CSSA-2004-014.0",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-014.0.txt"
        },
        {
          "name": "FEDORA-2004-058",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA-2004-058.shtml"
        },
        {
          "name": "10645",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10645"
        },
        {
          "name": "MDKSA-2004:007",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:007"
        },
        {
          "name": "10823",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10823"
        },
        {
          "name": "20030919 uninitialized buffer in midnight commander",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archive.cert.uni-stuttgart.de/bugtraq/2003/09/msg00309.html"
        },
        {
          "name": "CLA-2004:833",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000833"
        },
        {
          "name": "8658",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/8658"
        },
        {
          "name": "DSA-424",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-424"
        },
        {
          "name": "RHSA-2004:035",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2004-035.html"
        },
        {
          "name": "10685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10685"
        },
        {
          "name": "11219",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/11219"
        },
        {
          "name": "oval:org.mitre.oval:def:822",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A822"
        },
        {
          "name": "9833",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/9833"
        },
        {
          "name": "11296",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/11296"
        },
        {
          "name": "11268",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/11268"
        },
        {
          "name": "11262",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/11262"
        },
        {
          "name": "GLSA-200403-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200403-09.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-1023",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2004:034",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2004-034.html"
            },
            {
              "name": "10772",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10772"
            },
            {
              "name": "20040202-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
            },
            {
              "name": "FLSA:1224",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-legacy-announce/2004-May/msg00002.html"
            },
            {
              "name": "midnight-commander-vfssresolvesymlink-bo(13247)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13247"
            },
            {
              "name": "20040201-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
            },
            {
              "name": "10716",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10716"
            },
            {
              "name": "20040405 [OpenPKG-SA-2004.009] OpenPKG Security Advisory (mc)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=108118433222764\u0026w=2"
            },
            {
              "name": "CSSA-2004-014.0",
              "refsource": "CALDERA",
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-014.0.txt"
            },
            {
              "name": "FEDORA-2004-058",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA-2004-058.shtml"
            },
            {
              "name": "10645",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10645"
            },
            {
              "name": "MDKSA-2004:007",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:007"
            },
            {
              "name": "10823",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10823"
            },
            {
              "name": "20030919 uninitialized buffer in midnight commander",
              "refsource": "BUGTRAQ",
              "url": "http://archive.cert.uni-stuttgart.de/bugtraq/2003/09/msg00309.html"
            },
            {
              "name": "CLA-2004:833",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000833"
            },
            {
              "name": "8658",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/8658"
            },
            {
              "name": "DSA-424",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-424"
            },
            {
              "name": "RHSA-2004:035",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2004-035.html"
            },
            {
              "name": "10685",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10685"
            },
            {
              "name": "11219",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/11219"
            },
            {
              "name": "oval:org.mitre.oval:def:822",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A822"
            },
            {
              "name": "9833",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/9833"
            },
            {
              "name": "11296",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/11296"
            },
            {
              "name": "11268",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/11268"
            },
            {
              "name": "11262",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/11262"
            },
            {
              "name": "GLSA-200403-09",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200403-09.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-1023",
    "datePublished": "2004-01-06T05:00:00",
    "dateReserved": "2004-01-05T00:00:00",
    "dateUpdated": "2024-08-08T02:12:35.765Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1092 (GCVE-0-2004-1092)
Vulnerability from cvelistv5
Published
2005-01-22 05:00
Modified
2024-08-08 00:39
Severity ?
CWE
  • n/a
Summary
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.
References
http://secunia.com/advisories/13863/ third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-639 vendor-advisory, x_refsource_DEBIAN
http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml vendor-advisory, x_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilities/18904 vdb-entry, x_refsource_XF
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.814Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "13863",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13863/"
          },
          {
            "name": "DSA-639",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-639"
          },
          {
            "name": "GLSA-200502-24",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
          },
          {
            "name": "midnight-commander-memory-allocation(18904)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18904"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "13863",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13863/"
        },
        {
          "name": "DSA-639",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-639"
        },
        {
          "name": "GLSA-200502-24",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
        },
        {
          "name": "midnight-commander-memory-allocation(18904)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18904"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1092",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "13863",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13863/"
            },
            {
              "name": "DSA-639",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-639"
            },
            {
              "name": "GLSA-200502-24",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
            },
            {
              "name": "midnight-commander-memory-allocation(18904)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18904"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1092",
    "datePublished": "2005-01-22T05:00:00",
    "dateReserved": "2004-11-30T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.814Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-0232 (GCVE-0-2004-0232)
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
CWE
  • n/a
Summary
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:10:03.655Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SuSE-SA:2004:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
          },
          {
            "name": "GLSA-200405-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
          },
          {
            "name": "midnight-commander-format-string(16021)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021"
          },
          {
            "name": "MDKSA-2004:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
          },
          {
            "name": "DSA-497",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-497"
          },
          {
            "name": "RHSA-2004:172",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-04-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SuSE-SA:2004:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
        },
        {
          "name": "GLSA-200405-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
        },
        {
          "name": "midnight-commander-format-string(16021)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021"
        },
        {
          "name": "MDKSA-2004:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
        },
        {
          "name": "DSA-497",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-497"
        },
        {
          "name": "RHSA-2004:172",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0232",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SuSE-SA:2004:012",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
            },
            {
              "name": "GLSA-200405-21",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
            },
            {
              "name": "midnight-commander-format-string(16021)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021"
            },
            {
              "name": "MDKSA-2004:039",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
            },
            {
              "name": "DSA-497",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-497"
            },
            {
              "name": "RHSA-2004:172",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0232",
    "datePublished": "2004-05-05T04:00:00",
    "dateReserved": "2004-03-17T00:00:00",
    "dateUpdated": "2024-08-08T00:10:03.655Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0763 (GCVE-0-2005-0763)
Vulnerability from cvelistv5
Published
2005-03-29 05:00
Modified
2024-08-07 21:28
Severity ?
CWE
  • n/a
Summary
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
References
http://www.debian.org/security/2005/dsa-698 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2005-512.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:28:27.820Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-698",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-698"
          },
          {
            "name": "RHSA-2005:512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-03-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-03-20T10:00:00",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "DSA-698",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-698"
        },
        {
          "name": "RHSA-2005:512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2005-0763",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-698",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-698"
            },
            {
              "name": "RHSA-2005:512",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2005-0763",
    "datePublished": "2005-03-29T05:00:00",
    "dateReserved": "2005-03-17T00:00:00",
    "dateUpdated": "2024-08-07T21:28:27.820Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1009 (GCVE-0-2004-1009)
Vulnerability from cvelistv5
Published
2005-01-22 05:00
Modified
2024-08-08 00:38
Severity ?
CWE
  • n/a
Summary
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/18903 vdb-entry, x_refsource_XF
http://secunia.com/advisories/13863/ third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-639 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2005-512.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:38:59.810Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "midnight-commander-dos(18903)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18903"
          },
          {
            "name": "13863",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13863/"
          },
          {
            "name": "DSA-639",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-639"
          },
          {
            "name": "RHSA-2005:512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "midnight-commander-dos(18903)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18903"
        },
        {
          "name": "13863",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13863/"
        },
        {
          "name": "DSA-639",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-639"
        },
        {
          "name": "RHSA-2005:512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1009",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "midnight-commander-dos(18903)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18903"
            },
            {
              "name": "13863",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13863/"
            },
            {
              "name": "DSA-639",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-639"
            },
            {
              "name": "RHSA-2005:512",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1009",
    "datePublished": "2005-01-22T05:00:00",
    "dateReserved": "2004-11-03T00:00:00",
    "dateUpdated": "2024-08-08T00:38:59.810Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1175 (GCVE-0-2004-1175)
Vulnerability from cvelistv5
Published
2005-01-22 05:00
Modified
2024-08-08 00:39
Severity ?
CWE
  • n/a
Summary
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/18906 vdb-entry, x_refsource_XF
http://secunia.com/advisories/13863/ third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1012903 vdb-entry, x_refsource_SECTRACK
http://www.debian.org/security/2005/dsa-639 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2005-512.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.943Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "midnight-commander-command-execution(18906)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18906"
          },
          {
            "name": "13863",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13863/"
          },
          {
            "name": "1012903",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012903"
          },
          {
            "name": "DSA-639",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-639"
          },
          {
            "name": "RHSA-2005:512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "fish.c in midnight commander allows remote attackers to execute arbitrary programs via \"insecure filename quoting,\" possibly using shell metacharacters."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-18T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "midnight-commander-command-execution(18906)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18906"
        },
        {
          "name": "13863",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13863/"
        },
        {
          "name": "1012903",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012903"
        },
        {
          "name": "DSA-639",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-639"
        },
        {
          "name": "RHSA-2005:512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1175",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "fish.c in midnight commander allows remote attackers to execute arbitrary programs via \"insecure filename quoting,\" possibly using shell metacharacters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "midnight-commander-command-execution(18906)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18906"
            },
            {
              "name": "13863",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13863/"
            },
            {
              "name": "1012903",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012903"
            },
            {
              "name": "DSA-639",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-639"
            },
            {
              "name": "RHSA-2005:512",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1175",
    "datePublished": "2005-01-22T05:00:00",
    "dateReserved": "2004-12-13T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.943Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-0231 (GCVE-0-2004-0231)
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
CWE
  • n/a
Summary
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:10:03.983Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SuSE-SA:2004:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
          },
          {
            "name": "GLSA-200405-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
          },
          {
            "name": "MDKSA-2004:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
          },
          {
            "name": "DSA-497",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-497"
          },
          {
            "name": "RHSA-2004:172",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
          },
          {
            "name": "midnight-commander-insecure-files(16020)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-04-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to \"Insecure temporary file and directory creations.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SuSE-SA:2004:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
        },
        {
          "name": "GLSA-200405-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
        },
        {
          "name": "MDKSA-2004:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
        },
        {
          "name": "DSA-497",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-497"
        },
        {
          "name": "RHSA-2004:172",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
        },
        {
          "name": "midnight-commander-insecure-files(16020)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0231",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to \"Insecure temporary file and directory creations.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SuSE-SA:2004:012",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
            },
            {
              "name": "GLSA-200405-21",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
            },
            {
              "name": "MDKSA-2004:039",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
            },
            {
              "name": "DSA-497",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-497"
            },
            {
              "name": "RHSA-2004:172",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
            },
            {
              "name": "midnight-commander-insecure-files(16020)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0231",
    "datePublished": "2004-05-05T04:00:00",
    "dateReserved": "2004-03-17T00:00:00",
    "dateUpdated": "2024-08-08T00:10:03.983Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1174 (GCVE-0-2004-1174)
Vulnerability from cvelistv5
Published
2005-01-22 05:00
Modified
2024-08-08 00:39
Severity ?
CWE
  • n/a
Summary
direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."
References
http://secunia.com/advisories/13863/ third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1012903 vdb-entry, x_refsource_SECTRACK
http://www.debian.org/security/2005/dsa-639 vendor-advisory, x_refsource_DEBIAN
https://exchange.xforce.ibmcloud.com/vulnerabilities/18909 vdb-entry, x_refsource_XF
http://www.redhat.com/support/errata/RHSA-2005-512.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.873Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "13863",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13863/"
          },
          {
            "name": "1012903",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012903"
          },
          {
            "name": "DSA-639",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-639"
          },
          {
            "name": "midnight-commander-direntry-dos(18909)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18909"
          },
          {
            "name": "RHSA-2005:512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by \"manipulating non-existing file handles.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "13863",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13863/"
        },
        {
          "name": "1012903",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012903"
        },
        {
          "name": "DSA-639",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-639"
        },
        {
          "name": "midnight-commander-direntry-dos(18909)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18909"
        },
        {
          "name": "RHSA-2005:512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1174",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by \"manipulating non-existing file handles.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "13863",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13863/"
            },
            {
              "name": "1012903",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012903"
            },
            {
              "name": "DSA-639",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-639"
            },
            {
              "name": "midnight-commander-direntry-dos(18909)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18909"
            },
            {
              "name": "RHSA-2005:512",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1174",
    "datePublished": "2005-01-22T05:00:00",
    "dateReserved": "2004-12-13T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.873Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1176 (GCVE-0-2004-1176)
Vulnerability from cvelistv5
Published
2005-01-22 05:00
Modified
2024-08-08 00:39
Severity ?
CWE
  • n/a
Summary
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/18911 vdb-entry, x_refsource_XF
http://secunia.com/advisories/13863 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-217.html vendor-advisory, x_refsource_REDHAT
http://securitytracker.com/id?1012903 vdb-entry, x_refsource_SECTRACK
http://www.debian.org/security/2005/dsa-639 vendor-advisory, x_refsource_DEBIAN
http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml vendor-advisory, x_refsource_GENTOO
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.909Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "midnight-commander-extfs-dos(18911)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18911"
          },
          {
            "name": "13863",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13863"
          },
          {
            "name": "RHSA-2005:217",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
          },
          {
            "name": "1012903",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012903"
          },
          {
            "name": "DSA-639",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-639"
          },
          {
            "name": "GLSA-200502-24",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "midnight-commander-extfs-dos(18911)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18911"
        },
        {
          "name": "13863",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13863"
        },
        {
          "name": "RHSA-2005:217",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
        },
        {
          "name": "1012903",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012903"
        },
        {
          "name": "DSA-639",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-639"
        },
        {
          "name": "GLSA-200502-24",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1176",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "midnight-commander-extfs-dos(18911)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18911"
            },
            {
              "name": "13863",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13863"
            },
            {
              "name": "RHSA-2005:217",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
            },
            {
              "name": "1012903",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012903"
            },
            {
              "name": "DSA-639",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-639"
            },
            {
              "name": "GLSA-200502-24",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1176",
    "datePublished": "2005-01-22T05:00:00",
    "dateReserved": "2004-12-13T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.909Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2001-1429 (GCVE-0-2001-1429)
Vulnerability from cvelistv5
Published
2005-03-24 05:00
Modified
2024-08-08 04:58
Severity ?
CWE
  • n/a
Summary
Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted text file.
References
http://www.kb.cert.org/vuls/id/203203 third-party-advisory, x_refsource_CERT-VN
https://exchange.xforce.ibmcloud.com/vulnerabilities/10630 vdb-entry, x_refsource_XF
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:58:11.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#203203",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/203203"
          },
          {
            "name": "midnight-commander-mcedit-bo(10630)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10630"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted text file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "VU#203203",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/203203"
        },
        {
          "name": "midnight-commander-mcedit-bo(10630)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10630"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1429",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted text file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#203203",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/203203"
            },
            {
              "name": "midnight-commander-mcedit-bo(10630)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10630"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1429",
    "datePublished": "2005-03-24T05:00:00",
    "dateReserved": "2005-03-24T00:00:00",
    "dateUpdated": "2024-08-08T04:58:11.519Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1093 (GCVE-0-2004-1093)
Vulnerability from cvelistv5
Published
2005-01-22 05:00
Modified
2024-08-08 00:39
Severity ?
CWE
  • n/a
Summary
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."
References
http://secunia.com/advisories/13863/ third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/18905 vdb-entry, x_refsource_XF
http://www.debian.org/security/2005/dsa-639 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2005-512.html vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.854Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "13863",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13863/"
          },
          {
            "name": "midnight-commander-key-dos(18905)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18905"
          },
          {
            "name": "DSA-639",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-639"
          },
          {
            "name": "RHSA-2005:512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via \"use of already freed memory.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "13863",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13863/"
        },
        {
          "name": "midnight-commander-key-dos(18905)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18905"
        },
        {
          "name": "DSA-639",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-639"
        },
        {
          "name": "RHSA-2005:512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1093",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via \"use of already freed memory.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "13863",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13863/"
            },
            {
              "name": "midnight-commander-key-dos(18905)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18905"
            },
            {
              "name": "DSA-639",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-639"
            },
            {
              "name": "RHSA-2005:512",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-512.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1093",
    "datePublished": "2005-01-22T05:00:00",
    "dateReserved": "2004-11-30T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.854Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-1999-1337 (GCVE-0-1999-1337)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-01 17:11
Severity ?
CWE
  • n/a
Summary
FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.
References
http://www.osvdb.org/5921 vdb-entry, x_refsource_OSVDB
http://www.iss.net/security_center/static/9873.php vdb-entry, x_refsource_XF
http://marc.info/?l=bugtraq&m=93370073207984&w=2 mailing-list, x_refsource_BUGTRAQ
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T17:11:03.222Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "5921",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/5921"
          },
          {
            "name": "midnight-commander-data-disclosure(9873)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/9873.php"
          },
          {
            "name": "19990801 midnight commander vulnerability(?) (fwd)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=93370073207984\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "1999-08-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2003-03-18T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "5921",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/5921"
        },
        {
          "name": "midnight-commander-data-disclosure(9873)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/9873.php"
        },
        {
          "name": "19990801 midnight commander vulnerability(?) (fwd)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=93370073207984\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-1999-1337",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "5921",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/5921"
            },
            {
              "name": "midnight-commander-data-disclosure(9873)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/9873.php"
            },
            {
              "name": "19990801 midnight commander vulnerability(?) (fwd)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=93370073207984\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-1999-1337",
    "datePublished": "2003-04-02T05:00:00",
    "dateReserved": "2001-08-31T00:00:00",
    "dateUpdated": "2024-08-01T17:11:03.222Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1005 (GCVE-0-2004-1005)
Vulnerability from cvelistv5
Published
2005-01-22 05:00
Modified
2024-08-08 00:39
Severity ?
CWE
  • n/a
Summary
Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
References
http://secunia.com/advisories/13863/ third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/18898 vdb-entry, x_refsource_XF
http://www.redhat.com/support/errata/RHSA-2005-217.html vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2005/dsa-639 vendor-advisory, x_refsource_DEBIAN
http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml vendor-advisory, x_refsource_GENTOO
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "13863",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13863/"
          },
          {
            "name": "midnight-commander-bo(18898)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18898"
          },
          {
            "name": "RHSA-2005:217",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
          },
          {
            "name": "DSA-639",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-639"
          },
          {
            "name": "GLSA-200502-24",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "13863",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13863/"
        },
        {
          "name": "midnight-commander-bo(18898)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18898"
        },
        {
          "name": "RHSA-2005:217",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
        },
        {
          "name": "DSA-639",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-639"
        },
        {
          "name": "GLSA-200502-24",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1005",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "13863",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13863/"
            },
            {
              "name": "midnight-commander-bo(18898)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18898"
            },
            {
              "name": "RHSA-2005:217",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-217.html"
            },
            {
              "name": "DSA-639",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-639"
            },
            {
              "name": "GLSA-200502-24",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1005",
    "datePublished": "2005-01-22T05:00:00",
    "dateReserved": "2004-11-02T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}