Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SA:2004:012
HistoryMay 14, 2004 - 2:09 p.m.

local privilege escalation in mc

2004-05-1414:09:57
lists.opensuse.org
21

0.933 High

EPSS

Percentile

99.1%

JSON

The Midnight Commander (mc) is a file manager for the console. The mc code is vulnerable to several security related bugs like buffer overflows, incorrect format string handling and insecure usage of temporary files. These bugs can be exploited by local users to gain access to the privileges of the user running mc.

Related

openvas 39
nessus 54
osv 4
freebsd 4
redhat 4
debian 7
gentoo 5
slackware 2
securityvulns 6
suse 4
ubuntucve 6
cvelist 10
debiancve 7
nvd 10
cve 10
altlinux 3
httpd 5
cert 11
checkpoint_advisories 1
seebug 3
exploitpack 1
packetstorm 1
exploitdb 1
ubuntu 1
openvas
openvas
HP-UX Update for Apache HPSBUX01022
2009-05-05 00:00:00
Gentoo Security Advisory GLSA 200405-21 (MC)
2008-09-24 00:00:00
Slackware Advisory SSA:2004-136-01 mc
2012-09-11 00:00:00
nessus
nessus
SuSE-SA:2004:012: mc
2004-07-25 00:00:00
Debian DSA-497-1 : mc - several vulnerabilities
2004-09-29 00:00:00
Fedora Core 1 : mc-4.6.0-14.10 (2004-112)
2004-07-23 00:00:00
osv
osv
mc - several vulnerabilities
2004-04-29 00:00:00
ethereal - buffer overflows
2004-05-30 00:00:00
exim-tls - buffer overflow
2004-05-11 00:00:00
freebsd
freebsd
Midnight Commander buffer overflows, format string bugs, and insecure temporary file handling
2004-04-29 00:00:00
multiple vulnerabilities in ethereal
2004-03-23 00:00:00
exim buffer overflow when verify = header_syntax is used
2004-05-06 00:00:00
redhat
redhat
(RHSA-2004:172) mc security update
2004-05-19 00:00:00
(RHSA-2004:136) ethereal security update
2004-03-30 00:00:00
(RHSA-2004:084) httpd security update
2004-03-23 00:00:00
debian
debian
[SECURITY] [DSA 497-1] New mc packages fix several vulnerabilities
2004-04-29 19:27:49
[SECURITY] [DSA 497-1] New mc packages fix several vulnerabilities
2004-04-29 19:27:49
[SECURITY] [DSA 511-1] New ethereal packages fix buffer overflows
2004-05-30 18:26:03
gentoo
gentoo
Midnight Commander: Multiple vulnerabilities
2004-05-26 00:00:00
Multiple remote overflows and vulnerabilities in Ethereal
2004-03-28 00:00:00
Apache 1.3: Multiple vulnerabilities
2004-05-26 00:00:00
slackware
slackware
mc
2004-05-17 02:27:55
apache
2004-05-12 16:54:58
securityvulns
securityvulns
[Full-Disclosure] MDKSA-2004:039 - Updated mc packages fix vulnerabilities
2004-04-30 00:00:00
SUSE Security Announcement: cvs (SuSE-SA:2004:008)
2004-04-15 00:00:00
[Full-Disclosure] [RHSA-2004:182-01] Updated httpd packages fix mod_ssl security issue
2004-04-30 00:00:00
suse
suse
remote code execution in cvs
2004-04-14 15:54:44
remote file creation in kdelibs/kdelibs3
2004-05-26 11:35:37
local privilege escalation in Linux Kernel
2004-04-14 15:46:44
ubuntucve
ubuntucve
CVE-2003-0020
2003-03-18 00:00:00
CVE-2004-0400
2004-07-07 00:00:00
CVE-2004-0232
2004-08-18 00:00:00
cvelist
cvelist
CVE-2003-0020
2004-09-01 04:00:00
CVE-2004-0367
2004-03-25 05:00:00
CVE-2004-0400
2004-05-12 04:00:00
debiancve
debiancve
CVE-2004-0400
2004-07-07 04:00:00
CVE-2003-0020
2004-09-01 04:00:00
CVE-2004-0113
2004-09-01 04:00:00
nvd
nvd
CVE-2004-0400
2004-07-07 04:00:00
CVE-2003-0020
2003-03-18 05:00:00
CVE-2004-0367
2004-05-04 04:00:00
cve
cve
CVE-2003-0020
2004-09-01 04:00:00
CVE-2004-0367
2004-05-04 04:00:00
CVE-2004-0400
2004-07-07 04:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.0.40-21
2003-02-24 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.0.40-21
2003-02-24 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.0.40-21
2003-02-24 00:00:00
httpd
httpd
Apache Httpd < 1.3.31 : Error log escape filtering
2003-02-24 00:00:00
Apache Httpd < 2.0.49 : Error log escape filtering
2003-02-24 00:00:00
Apache Httpd < 2.0.49 : mod_ssl memory leak
2004-02-20 00:00:00
cert
cert
Ethereal ISUP protocol dissector fails to properly decode ISUP packets
2004-03-25 00:00:00
Ethereal IrDA dissector plugin fails to properly parse IRCOM_PORT_NAME parameter
2004-03-25 00:00:00
Ethereal contains multiple vulnerabilities in the UCP protocol dissector
2004-03-25 00:00:00
checkpoint_advisories
checkpoint_advisories
Ethereal Netflow Dissector Buffer Overflow (CVE-2004-0176)
2009-10-22 00:00:00
seebug
seebug
jetty 6.x - 7.x xss information disclosure injection
2009-10-26 00:00:00
jetty 6.x - 7.x xss, information disclosure, injection
2014-07-01 00:00:00
jetty 6.x - 7.x xss information disclosure injection
2009-10-26 00:00:00
exploitpack
exploitpack
jetty 6.x 7.x - Cross-Site Scripting Information Disclosure Injection
2009-10-26 00:00:00
packetstorm
packetstorm
Jetty 6.x / 7.x Information Disclosure / XSS
2009-10-26 00:00:00
exploitdb
exploitdb
jetty 6.x &lt; 7.x - Cross-Site Scripting / Information Disclosure / Injection
2009-10-26 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2005-02-15 00:00:00

0.933 High

EPSS

Percentile

99.1%

JSON
Related for SUSE-SA:2004:012
openvas39nessus54osv4freebsd4redhat4debian7gentoo5slackware2securityvulns6suse4ubuntucve6cvelist10debiancve7nvd10cve10altlinux3httpd5cert11checkpoint_advisories1seebug3exploitpack1packetstorm1exploitdb1ubuntu1