Family: Fedora Local Security Checks --> Category: infos
Fedora Core 1 2004-112: mc Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the mc package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory FEDORA-2004-112 (mc).
Midnight Commander is a visual shell much like a file manager, only
with many more features. It is a text mode application, but it also
includes mouse support if you are running GPM. Midnight Commander's
best features are its ability to FTP, view tar and zip files, and to
poke into RPMs for specific files.
Several buffer overflows, several temporary file creation
vulnerabilities, and one format string vulnerability have been
discovered in Midnight Commander. These vulnerabilities were
discovered mostly by Andrew V. Samoilov and Pavel Roskin. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the names CVE-2004-0226, CVE-2004-0231, and CVE-2004-0232 to these
Solution : http://www.fedoranews.org/updates/FEDORA-2004-112.shtml
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.