CVE Vulnerabilities

CVE-2000-1109

Published: Jan 09, 2001 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.

Affected Software

Name Vendor Start Version End Version
Midnight_commander Midnight_commander 4.5.40 4.5.40
Midnight_commander Midnight_commander 4.5.41 4.5.41
Midnight_commander Midnight_commander 4.5.42 4.5.42
Midnight_commander Midnight_commander 4.5.43 4.5.43
Midnight_commander Midnight_commander 4.5.44 4.5.44
Midnight_commander Midnight_commander 4.5.45 4.5.45
Midnight_commander Midnight_commander 4.5.46 4.5.46
Midnight_commander Midnight_commander 4.5.47 4.5.47
Midnight_commander Midnight_commander 4.5.48 4.5.48
Midnight_commander Midnight_commander 4.5.49 4.5.49
Midnight_commander Midnight_commander 4.5.50 4.5.50
Midnight_commander Midnight_commander 4.5.51 4.5.51

References