This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated mc packages that resolve a buffer overflow vulnerability are
Midnight Commander is a visual shell much like a file manager.
A buffer overflow has been found in Midnight Commander's virtual
filesystem code. Specifically, a stack-based buffer overflow in
vfs_s_resolve_symlink of vfs/direntry.c allows remote attackers to
execute arbitrary code during symlink conversion.
Users of Midnight Commander should install these updated packages,
which resolve this issue.
See also :
Update the affected gmc, mc and / or mcserv packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12456 ()
CVE ID: CVE-2003-1023