Shodan
Vulnerabilities
Vulnerable Software
Midnight Commander:  >> Midnight Commander  Security Vulnerabilities
CVE-2004-1176
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.022
Published
2005-04-14
CVE-2004-0226
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
CVSS Score
10.0
EPSS Score
0.012
Published
2004-08-18
CVE-2004-0231
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
CVSS Score
2.1
EPSS Score
0.001
Published
2004-08-18
CVE-2004-0232
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
CVSS Score
5.0
EPSS Score
0.01
Published
2004-08-18
CVE-2003-1023
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.
CVSS Score
7.5
EPSS Score
0.083
Published
2004-01-20
CVE-2001-1429
Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted text file.
CVSS Score
4.6
EPSS Score
0.001
Published
2001-11-12
CVE-2000-1108
cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument.
CVSS Score
4.6
EPSS Score
0.001
Published
2001-01-09
CVE-2000-1109
Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.
CVSS Score
4.6
EPSS Score
0.001
Published
2001-01-09
CVE-1999-1337
FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
1999-08-01
CVE-1999-0480
Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack.
CVSS Score
2.1
EPSS Score
0.001
Published
1999-04-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved