RHEL 2.1 : mc (RHSA-2004:035)

This script is Copyright (C) 2004-2016 Tenable Network Security, Inc.

Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated mc packages that resolve a buffer overflow vulnerability are
now available.

Midnight Commander is a visual shell much like a file manager.

A buffer overflow has been found in Midnight Commander's virtual
filesystem code. Specifically, a stack-based buffer overflow in
vfs_s_resolve_symlink of vfs/direntry.c allows remote attackers to
execute arbitrary code during symlink conversion.

Users of Midnight Commander should install these updated packages,
which resolve this issue.

See also :


Solution :

Update the affected gmc, mc and / or mcserv packages.

Risk factor :

High / CVSS Base Score : 7.5

Family: Red Hat Local Security Checks

Nessus Plugin ID: 12456 ()

Bugtraq ID:

CVE ID: CVE-2003-1023

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now