CVE-2004-1093

MEDIUM

Description

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."

References

http://secunia.com/advisories/13863/

http://www.debian.org/security/2005/dsa-639

http://www.redhat.com/support/errata/RHSA-2005-512.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/18905

Details

Source: MITRE

Published: 2005-04-14

Updated: 2017-07-11

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.54:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*

cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*

cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*

cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*

cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*

cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*

cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*

cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*

Tenable Plugins

View all (3 total)

IDNameProductFamilySeverity
18884FreeBSD : mc -- multiple vulnerabilities (2b2b333b-6bd3-11d9-95f8-000a95bc6fae)NessusFreeBSD Local Security Checks
high
18512RHEL 2.1 : mc (RHSA-2005:512)NessusRed Hat Local Security Checks
high
16165Debian DSA-639-1 : mc - several vulnerabilitiesNessusDebian Local Security Checks
high