{"cve": [{"lastseen": "2020-10-03T11:36:57", "description": "cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument.", "edition": 3, "cvss3": {}, "published": "2001-01-09T05:00:00", "title": "CVE-2000-1108", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2000-1108"], "modified": "2017-10-10T01:29:00", "cpe": ["cpe:/a:midnight_commander:midnight_commander:4.5.42"], "id": "CVE-2000-1108", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-1108", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-01-07T11:51:14", "description": "A problem was found in the cons.saver program by Maurycy Prodeus. The\ncons.saver program is a screensaver for the console that is included\nin the mc package. cons.saver does not check if it is started with a\nvalid stdout, which combined with a bug in its check to see if its\nargument is a tty (it forgets to close the file-descriptor after\nopening the supposed tty), causes it to write a NULL character to the\nfile given as its parameter.", "edition": 24, "published": "2012-09-06T00:00:00", "title": "Mandrake Linux Security Advisory : mc (MDKSA-2000:078)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2000-1108"], "modified": "2012-09-06T00:00:00", "cpe": ["cpe:/o:mandrakesoft:mandrake_linux:7.2", "p-cpe:/a:mandriva:linux:gmc", "cpe:/o:mandrakesoft:mandrake_linux:7.0", "p-cpe:/a:mandriva:linux:mc", "p-cpe:/a:mandriva:linux:mcserv", "cpe:/o:mandrakesoft:mandrake_linux:7.1", "cpe:/o:mandrakesoft:mandrake_linux:6.1", "cpe:/o:mandrakesoft:mandrake_linux:6.0"], "id": "MANDRAKE_MDKSA-2000-078.NASL", "href": "https://www.tenable.com/plugins/nessus/61864", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2000:078. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61864);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2000-1108\");\n script_xref(name:\"MDKSA\", value:\"2000:078\");\n\n script_name(english:\"Mandrake Linux Security Advisory : mc (MDKSA-2000:078)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A problem was found in the cons.saver program by Maurycy Prodeus. The\ncons.saver program is a screensaver for the console that is included\nin the mc package. cons.saver does not check if it is started with a\nvalid stdout, which combined with a bug in its check to see if its\nargument is a tty (it forgets to close the file-descriptor after\nopening the supposed tty), causes it to write a NULL character to the\nfile given as its parameter.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gmc, mc and / or mcserv packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gmc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mcserv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:6.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:7.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2000/12/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK6.0\", cpu:\"i386\", reference:\"gmc-4.5.31-14.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK6.0\", cpu:\"i386\", reference:\"mc-4.5.31-14.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK6.0\", cpu:\"i386\", reference:\"mcserv-4.5.31-14.1mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK6.1\", cpu:\"i386\", reference:\"gmc-4.5.38-4.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK6.1\", cpu:\"i386\", reference:\"mc-4.5.38-4.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK6.1\", cpu:\"i386\", reference:\"mcserv-4.5.38-4.1mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK7.0\", cpu:\"i386\", reference:\"gmc-4.5.42-4.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.0\", cpu:\"i386\", reference:\"mc-4.5.42-4.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.0\", cpu:\"i386\", reference:\"mcserv-4.5.42-4.1mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK7.1\", cpu:\"i386\", reference:\"gmc-4.5.46-1.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.1\", cpu:\"i386\", reference:\"mc-4.5.46-1.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.1\", cpu:\"i386\", reference:\"mcserv-4.5.46-1.1mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"gmc-4.5.51-7.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"mc-4.5.51-7.1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"mcserv-4.5.51-7.1mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}]}
