Nessus Plugin #14460
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[GLSA-200403-09] Buffer overflow in Midnight Commander
- Family:
- Gentoo Local Security Checks
- Category:
- infos
- Copyright:
- (C) 2004 Michel Arboi
- Summary:
- Buffer overflow in Midnight Commander
- Version:
- $Revision: 1.1 $
- Cve_id:
- CAN-2003-1023
- Bugtraq_id:
- -
- Xrefs:
- GLSA:200403-09
- Description:
- The remote host is affected by the vulnerability described in GLSA-200403-09
(Buffer overflow in Midnight Commander)
A stack-based buffer overflow has been found in Midnight Commander's
virtual filesystem.
Impact
This overflow allows an attacker to run arbitrary code on the user's
computer during the symlink conversion process.
Workaround
While a workaround is not currently known for this issue, all users are
advised to upgrade to the latest version of the affected package.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1023
Solution:
All users should upgrade to the current version of the affected package:
# emerge sync
# emerge -pv ">=app-misc/mc-4.6.0-r5"
# emerge ">=app-misc/mc-4.6.0-r5"
Risk Factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.