RHEL 2.1 : mc (RHSA-2005:217)

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated mc packages that fix multiple security issues are now
available.

This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

Midnight Commander (mc) is a visual shell, much like a file manager.

Several format string bugs were found in Midnight Commander. If a user
is tricked by an attacker into opening a specially crafted path with
mc, it may be possible to execute arbitrary code as the user running
Midnight Commander. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2004-1004 to this issue.

Several buffer overflow bugs were found in Midnight Commander. If a
user is tricked by an attacker into opening a specially crafted file
or path with mc, it may be possible to execute arbitrary code as the
user running Midnight Commander. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2004-1005
to this issue.

A buffer underflow bug was found in Midnight Commander. If a malicious
local user is able to modify the extfs.ini file, it could be possible
to execute arbitrary code as a user running Midnight Commander. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-1176 to this issue.

Users of mc should upgrade to these updated packages, which contain a
backported patch, and are not vulnerable to this issue.

See also :

https://www.redhat.com/security/data/cve/CVE-2004-1004.html
https://www.redhat.com/security/data/cve/CVE-2004-1005.html
https://www.redhat.com/security/data/cve/CVE-2004-1176.html
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295261
http://rhn.redhat.com/errata/RHSA-2005-217.html

Solution :

Update the affected gmc, mc and / or mcserv packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 17267 ()

Bugtraq ID:

CVE ID: CVE-2004-1004
CVE-2004-1005
CVE-2004-1176