Mandrake Linux Security Advisory : mc (MDKSA-2004:039)
Critical Nessus Plugin ID 14138
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionSeveral vulnerabilities in Midnight Commander were found by Jacub Jelinek. This includes several buffer overflows (CVE-2004-0226), as well as a format string issue (CVE-2004-0232), and an issue with temporary file and directory creation (CVE-2004-0231). Most of the included fixes are backports from CVS, done by Andrew V. Samoilov and Pavel Roskin.
The updated packages are patched to correct these problems.
SolutionUpdate the affected mc package.