Midnight Commander is a visual shell much like a file manager.
A buffer overflow has been found in Midnight Commander’s virtual filesystem
code. Specifically, a stack-based buffer overflow in vfs_s_resolve_symlink
of vfs/direntry.c allows remote attackers to execute arbitrary code during
symlink conversion.
Users of Midnight Commander should install these updated packages, which
resolve this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | i386 | mcserv | < 4.5.51-36.1 | mcserv-4.5.51-36.1.i386.rpm |
RedHat | any | i386 | gmc | < 4.5.51-36.1 | gmc-4.5.51-36.1.i386.rpm |
RedHat | any | ia64 | mcserv | < 4.5.51-36.1 | mcserv-4.5.51-36.1.ia64.rpm |
RedHat | any | i386 | mc | < 4.5.51-36.1 | mc-4.5.51-36.1.i386.rpm |
RedHat | any | ia64 | gmc | < 4.5.51-36.1 | gmc-4.5.51-36.1.ia64.rpm |
RedHat | any | ia64 | mc | < 4.5.51-36.1 | mc-4.5.51-36.1.ia64.rpm |