Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200502-24] Midnight Commander: Multiple vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Midnight Commander: Multiple vulnerabilities
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200502-24
(Midnight Commander: Multiple vulnerabilities)
Midnight Commander contains several format string vulnerabilities
(CVE-2004-1004), buffer overflows (CVE-2004-1005), a memory
deallocation error (CVE-2004-1092) and a buffer underflow
A possible hacker could exploit these vulnerabilities to execute
arbitrary code with the permissions of the user running Midnight
Commander or cause Denial of Service by freeing unallocated memory.
There is no known workaround at this time.
All Midnight Commander users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-misc/mc-4.6.0-r13"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.