|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200403-09] Buffer overflow in Midnight Commander Vulnerability Scan
Vulnerability Scan Summary Buffer overflow in Midnight Commander
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200403-09
(Buffer overflow in Midnight Commander)
A stack-based buffer overflow has been found in Midnight Commander's
virtual filesystem.
Impact
This overflow allows a possible hacker to run arbitrary code on the user's
computer during the symlink conversion process.
Workaround
While a workaround is not currently known for this issue, all users are
advised to upgrade to the latest version of the affected package.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1023
Solution:
All users should upgrade to the current version of the affected package:
# emerge sync
# emerge -pv ">=app-misc/mc-4.6.0-r5"
# emerge ">=app-misc/mc-4.6.0-r5"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|