Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:039: mc Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the mc package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:039 (mc).
Several vulnerabilities in Midnight Commander were found by Jacub Jelinek. This
includes several buffer overflows (CVE-2004-0226), as well as a format string
issue (CVE-2004-0232), and an issue with temporary file and directory creation
(CVE-2004-0231). Most of the included fixes are backports from CVS, done by
Andrew V. Samoilov and Pavel Roskin.
The updated packages are patched to correct these problems.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:039
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.