Lucene search
K

6 matches found

CVE
CVE
added 2004/05/05 4:0 a.m.87 views

CVE-2004-0226

CVE-2004-0226 affects Midnight Commander (mc) prior to 4.6.0. The issue is described as multiple buffer overflows that may allow a denial of service or arbitrary code execution. Connected documents corroborate MC-related advisories (e.g., GLSA/DSA entries) and reference related CVEs (CVE-2004-023...

10CVSS7AI score0.03936EPSS
CVE
CVE
added 2004/05/05 4:0 a.m.75 views

CVE-2004-0233

CVE-2004-0233 describes a symlink vulnerability in the utempter library, where device names containing .. (dot dot) directory traversal can enable local users to overwrite arbitrary files via a symlink attack when an application trusts utmp/wtmp. Public documents from Slackware, Gentoo, Gentoo GL...

2.1CVSS6AI score0.01095EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.72 views

CVE-1999-0242

The CVE describes a vulnerability where remote attackers could access mail files via POP3 on some Linux systems that use shadow passwords. Connected sources corroborate that the issue arises from how mail data is stored/access-controlled in environments with shadow passwords, enabling partial con...

7.5CVSS7.4AI score0.02299EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.71 views

CVE-2000-0867

Kernel logging daemon (klogd) in Linux (sysklogd) is vulnerable due to a 'format bug' that fails to cleanse user-supplied format strings, enabling local users to gain root privileges by triggering malformed kernel messages. Mandrake MDKSA-2000:050-1 describes a patched klogd version; Debian patch...

7.2CVSS6.5AI score0.00406EPSS
CVE
CVE
added 2004/05/05 4:0 a.m.68 views

CVE-2004-0232

Midnight Commander (mc) is affected by CVE-2004-0232: multiple format string vulnerabilities in versions before 4.6.0 that can cause a denial of service or arbitrary code execution. Exploitation details are not provided in the documents; remediation per description is to upgrade to 4.6.0 or newer.

5CVSS7.1AI score0.02945EPSS
CVE
CVE
added 2004/05/05 4:0 a.m.66 views

CVE-2004-0231

CVE-2004-0231 affects Midnight Commander (mc) prior to 4.6.0. The issue is described as insecure temporary file and directory creation in mc. The provided connected documents confirm this CVE against mc, but do not disclose a specific impact assessment or a concrete remediation within the supplie...

2.1CVSS6.4AI score0.0038EPSS