OpenBSD VuXML: Documenting security issues in the OpenBSD Ports & Packages Collection

mc -- multiple vulnerabilities

Affected packages
mc < 4.6.1pre1p0

Details

VuXML ID 4ccf3184-812c-11d9-b5a5-080020fe8945
Discovery 2005-02-17
Entry 2005-02-17

Midnight Commander contains several format string errors, buffer overflows and one buffer underflow leading to execution of arbitrary code. An attacker could exploit these vulnerabilities to execute arbitrary code with the permissions of the user running Midnight Commander or cause Denial of Service by freeing unallocated memory.

References

CVE Name CAN-2004-1004
CVE Name CAN-2004-1005
CVE Name CAN-2004-1092
CVE Name CAN-2004-1176

Copyright © 2003-2005 Jacques Vidrine, Robert Nagy, and contributors.
Please see the source of this document for full copyright information.