Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1109

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2000-1109
Last Modified 05 Sep 2008 04:22:40
Published 09 Jan 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-1109

Summary

Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.

Vulnerable Systems

Application

  • Midnight Commander 4.5.40

  • Midnight Commander 4.5.41

  • Midnight Commander 4.5.42

  • Midnight Commander 4.5.43

  • Midnight Commander 4.5.44

  • Midnight Commander 4.5.45

  • Midnight Commander 4.5.46

  • Midnight Commander 4.5.47

  • Midnight Commander 4.5.48

  • Midnight Commander 4.5.49

  • Midnight Commander 4.5.50

  • Midnight Commander 4.5.51


References

BID - 2016

BUGTRAQ - 20001127 Midnight Commander

XF - midnight-commander-elevate-privileges(5929)

SUSE - SuSE-SA:2001:11

DEBIAN - DSA-036


Last Updated: 27 May 2016 10:36:01