Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

DSA-036-1 Midnight Commander -- arbitrary program execution

Related Vulnerabilities: CVE-2000-1109  

It has been reported that a local user could tweak Midnight Commander of another user into executing an arbitrary program under the user id of the person running Midnight Commander. This behaviour has been fixed by Andrew V. Samoilov. We recommend you upgrade your mc package.

Source

Debian Security Advisory

DSA-036-1 Midnight Commander -- arbitrary program execution

Date Reported:
07 Mar 2001
Affected Packages:
mc, gmc
Vulnerable:
Yes
Security database references:
In the Bugtraq database (at SecurityFocus): BugTraq ID 2016.
In Mitre's CVE dictionary: CVE-2000-1109.
More information:
It has been reported that a local user could tweak Midnight Commander of another user into executing an arbitrary program under the user id of the person running Midnight Commander. This behaviour has been fixed by Andrew V. Samoilov.

We recommend you upgrade your mc package.

Fixed in:

Debian 2.2 (potato)

Source:
http://security.debian.org/dists/stable/updates/main/source/mc_4.5.42-11.potato.6.diff.gz
http://security.debian.org/dists/stable/updates/main/source/mc_4.5.42-11.potato.6.dsc
http://security.debian.org/dists/stable/updates/main/source/mc_4.5.42.orig.tar.gz
alpha:
http://security.debian.org/dists/stable/updates/main/binary-alpha/gmc_4.5.42-11.potato.6_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/mc-common_4.5.42-11.potato.6_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/mc_4.5.42-11.potato.6_alpha.deb
arm:
http://security.debian.org/dists/stable/updates/main/binary-arm/gmc_4.5.42-11.potato.6_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/mc-common_4.5.42-11.potato.6_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/mc_4.5.42-11.potato.6_arm.deb
i386:
http://security.debian.org/dists/stable/updates/main/binary-i386/gmc_4.5.42-11.potato.6_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/mc-common_4.5.42-11.potato.6_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/mc_4.5.42-11.potato.6_i386.deb
m68k:
http://security.debian.org/dists/stable/updates/main/binary-m68k/gmc_4.5.42-11.potato.6_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/mc-common_4.5.42-11.potato.6_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/mc_4.5.42-11.potato.6_m68k.deb
powerpc:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/gmc_4.5.42-11.potato.6_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/mc-common_4.5.42-11.potato.6_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/mc_4.5.42-11.potato.6_powerpc.deb
sparc:
http://security.debian.org/dists/stable/updates/main/binary-sparc/gmc_4.5.42-11.potato.6_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/mc-common_4.5.42-11.potato.6_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/mc_4.5.42-11.potato.6_sparc.deb

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started