294 matches found
Gentoo Security Advisory GLSA 201402-18
Gentoo Linux Local Security Checks GLSA 201402-18 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
GLSA-201402-18 : GNU Midnight Commander: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-201402-18 GNU Midnight Commander: User-assisted execution of arbitrary code GNU Midnight Commander does not properly sanitize environment variables. Impact : A remote attacker could entice a user to open a specially crafted archiv...
GNU Midnight Commander: User-assisted execution of arbitrary code
Background GNU Midnight Commander is a text based file manager. Description GNU Midnight Commander does not properly sanitize environment variables. Impact A remote attacker could entice a user to open a specially crafted archive file using GNU Midnight Commander, possibly resulting in execution ...
[SECURITY] Fedora 19 Update: gpm-1.20.6-33.fc19
Gpm provides mouse support to text-based Linux applications like the Emacs editor and the Midnight Commander file management system. Gpm also provides console cut-and-paste operations using the mouse and includes a program to allow pop-up menus to appear at the click of a mouse button...
Fedora Update for mc FEDORA-2012-19349
Check for the Version of mc OpenVAS Vulnerability Test Fedora Update for mc FEDORA-2012-19349 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...
[SECURITY] Fedora 17 Update: mc-4.8.6-2.fc17
Midnight Commander is a visual shell much like a file manager, only with many more features. It is a text mode application, but it also includes mouse support. Midnight Commander's best features are its ability to FTP, view tar and zip files, and to poke into RPMs for specific files...
[SECURITY] Fedora 18 Update: mc-4.8.6-2.fc18
Midnight Commander is a visual shell much like a file manager, only with many more features. It is a text mode application, but it also includes mouse support. Midnight Commander's best features are its ability to FTP, view tar and zip files, and to poke into RPMs for specific files...
Fedora 18 : mc-4.8.6-2.fc18 (2012-19335)
sanitize of MCEXTSELECTED variable when viewing multiple files, CVE-2012-4463 862814 https://www.midnight-commander.org/ticket/2913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...
CVE-2012-4463
Midnight Commander mc 4.8.5 does not properly handle the 1 MCEXTSELECTED or 2 MCEXTONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name...
DEBIAN-CVE-2012-4463
Midnight Commander mc 4.8.5 does not properly handle the 1 MCEXTSELECTED or 2 MCEXTONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name...
CVE-2012-4463
Midnight Commander mc 4.8.5 does not properly handle the 1 MCEXTSELECTED or 2 MCEXTONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name...
CVE-2012-4463
Midnight Commander mc 4.8.5 does not properly handle the 1 MCEXTSELECTED or 2 MCEXTONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name...
Design/Logic Flaw
Midnight Commander mc 4.8.5 does not properly handle the 1 MCEXTSELECTED or 2 MCEXTONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name...
UBUNTU-CVE-2012-4463
Midnight Commander mc 4.8.5 does not properly handle the 1 MCEXTSELECTED or 2 MCEXTONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name...
CVE-2012-4463
Midnight Commander mc 4.8.5 does not properly handle the 1 MCEXTSELECTED or 2 MCEXTONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name...
CVE-2012-4463
Midnight Commander mc 4.8.5 does not properly handle the 1 MCEXTSELECTED or 2 MCEXTONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name...
CVE-2012-4463
Affected software: GNU Midnight Commander (mc) 4.8.5 and similar releases. Vulnerability: improper handling/sanitization of environment variables MC_EXT_SELECTED and MC_EXT_ONLYTAGGED when multiple files are selected, enabling a user‑assisted remote attacker to execute arbitrary commands via a cr...
MDVA-2009:191 : mc
This update updates Midnight Commander to latest version, which fixes occasional crashes when searching within editor/browser. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network...
SLES9: Security update for Midnight Commander
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: mc For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5011441 within the SuSE...
SLES9: Security update for Midnight Commander (mc)
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: mc More details may also be found by searching for keyword 5020406 within the SuSE Enterprise Server 9 patch database linked in the references...