CVE-2004-1176
published 2005-04-14CVE-2004-1176: Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary…
PriorityP428high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
3.10%
86.1th percentile
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Affected
30 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | mc | < mc 1:4.6.0-4.6.1-pre3-1 (bookworm) | mc 1:4.6.0-4.6.1-pre3-1 (bookworm) |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| midnight_commander | midnight_commander | — | — |
| redhat | enterprise_linux | — | — |
| redhat | linux_advanced_workstation | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6j4g-wprm-mhpw: Buffer underflow in extfs
ghsa_unreviewed·2022-04-29
CVE-2004-1176 [HIGH] GHSA-6j4g-wprm-mhpw: Buffer underflow in extfs
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
OSV
CVE-2004-1176: Buffer underflow in extfs
osv·2005-04-14·CVSS 7.5
CVE-2004-1176 [HIGH] CVE-2004-1176: Buffer underflow in extfs
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Red Hat
security flaw
vendor_redhat·2004-12-13·CVSS 7.5
CVE-2004-1176 [HIGH] security flaw
security flaw
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Debian
CVE-2004-1176: mc - Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows...
vendor_debian·2004·CVSS 7.5
CVE-2004-1176 [HIGH] CVE-2004-1176: mc - Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows...
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Scope: local
bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1)
bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1)
forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1)
sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1)
trixie: resolved (fixed in 1:4.6.0-4.6.1-pre3-1)
No detection rules found.
No public exploits indexed.
http://secunia.com/advisories/13863http://securitytracker.com/id?1012903http://www.debian.org/security/2005/dsa-639http://www.gentoo.org/security/en/glsa/glsa-200502-24.xmlhttp://www.redhat.com/support/errata/RHSA-2005-217.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/18911http://secunia.com/advisories/13863http://securitytracker.com/id?1012903http://www.debian.org/security/2005/dsa-639http://www.gentoo.org/security/en/glsa/glsa-200502-24.xmlhttp://www.redhat.com/support/errata/RHSA-2005-217.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/18911
2005-04-14
Published