This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Midnight Commander First view 2005-04-14
Product Midnight Commander Last view 2005-05-02
Version 4.5.54 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:midnight_commander:midnight_commander

Activity : Overall

Related : CVE

  Date Alert Description
4.6 2005-05-02 CVE-2005-0763

Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.

7.5 2005-04-14 CVE-2004-1176

Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

7.5 2005-04-14 CVE-2004-1175

fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.

5 2005-04-14 CVE-2004-1174

direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."

5 2005-04-14 CVE-2004-1093

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."

5 2005-04-14 CVE-2004-1092

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.

5 2005-04-14 CVE-2004-1091

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.

5 2005-04-14 CVE-2004-1090

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."

5 2005-04-14 CVE-2004-1009

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.

7.5 2005-04-14 CVE-2004-1005

Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.

7.5 2005-04-14 CVE-2004-1004

Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.

Open Source Vulnerability Database (OSVDB)

id Description
15170 Midnight Commander insert_text() Function Local Overflow
12911 Midnight Commander Unspecified Underflow DoS
12910 Midnight Commander Insecure Filename Quoting Arbitrary Command Execution
12909 Midnight Commander Nonexistent File Descriptor Handling DoS
12908 Midnight Commander Unspecified Freed Memory DoS
12907 Midnight Commander Unspecified Unallocated Memory Issue
12906 Midnight Commander Unspecified Null Dereference DoS
12905 Midnight Commander Corrupted Selection Header DoS
12904 Midnight Commander Unspecified Infinite Loop DoS
12903 Midnight Commander Multiple Unspecified Overflows
12902 Midnight Commander Multiple Unspecified Format Strings

OpenVAS Exploits

id Description
2009-10-10 Name : SLES9: Security update for Midnight Commander
File : nvt/sles9p5011441.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200502-24 (mc)
File : nvt/glsa_200502_24.nasl
2008-09-04 Name : FreeBSD Ports: mc
File : nvt/freebsd_mc.nasl
2008-01-17 Name : Debian Security Advisory DSA 639-1 (mc)
File : nvt/deb_639_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 698-1 (mc)
File : nvt/deb_698_1.nasl

Nessus® Vulnerability Scanner

id Description
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_9797.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_2b2b333b6bd311d995f8000a95bc6fae.nasl - Type: ACT_GATHER_INFO
2005-06-17 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2005-512.nasl - Type: ACT_GATHER_INFO
2005-03-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-698.nasl - Type: ACT_GATHER_INFO
2005-03-04 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2005-217.nasl - Type: ACT_GATHER_INFO
2005-02-18 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200502-24.nasl - Type: ACT_GATHER_INFO
2005-01-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-639.nasl - Type: ACT_GATHER_INFO