6 matches found
CVE-2004-0226
CVE-2004-0226 affects Midnight Commander (mc) prior to 4.6.0. The issue is described as multiple buffer overflows that may allow a denial of service or arbitrary code execution. Connected documents corroborate MC-related advisories (e.g., GLSA/DSA entries) and reference related CVEs (CVE-2004-023...
CVE-2004-0233
CVE-2004-0233 describes a symlink vulnerability in the utempter library, where device names containing .. (dot dot) directory traversal can enable local users to overwrite arbitrary files via a symlink attack when an application trusts utmp/wtmp. Public documents from Slackware, Gentoo, Gentoo GL...
CVE-1999-0242
The CVE describes a vulnerability where remote attackers could access mail files via POP3 on some Linux systems that use shadow passwords. Connected sources corroborate that the issue arises from how mail data is stored/access-controlled in environments with shadow passwords, enabling partial con...
CVE-2000-0867
Kernel logging daemon (klogd) in Linux (sysklogd) is vulnerable due to a 'format bug' that fails to cleanse user-supplied format strings, enabling local users to gain root privileges by triggering malformed kernel messages. Mandrake MDKSA-2000:050-1 describes a patched klogd version; Debian patch...
CVE-2004-0232
Midnight Commander (mc) is affected by CVE-2004-0232: multiple format string vulnerabilities in versions before 4.6.0 that can cause a denial of service or arbitrary code execution. Exploitation details are not provided in the documents; remediation per description is to upgrade to 4.6.0 or newer.
CVE-2004-0231
CVE-2004-0231 affects Midnight Commander (mc) prior to 4.6.0. The issue is described as insecure temporary file and directory creation in mc. The provided connected documents confirm this CVE against mc, but do not disclose a specific impact assessment or a concrete remediation within the supplie...