CVE-2005-0763
published 2005-05-02CVE-2005-0763: Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
PriorityP418medium4.6CVSS 2.0
AVLACLAuNCPIPAP
EPSS
0.47%
37.4th percentile
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | mc | < mc 1:4.6.0-4.6.1-pre3-1 (bookworm) | mc 1:4.6.0-4.6.1-pre3-1 (bookworm) |
| midnight_commander | midnight_commander | <= 4.5.55 | — |
CVSS provenance
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv4.6MEDIUM
vendor_debian4.6MEDIUM
vendor_redhat4.6MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8wc2-8f8r-6722: Buffer overflow in Midnight Commander (mc) 4
ghsa_unreviewed·2022-05-01
CVE-2005-0763 [MEDIUM] GHSA-8wc2-8f8r-6722: Buffer overflow in Midnight Commander (mc) 4
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
OSV
CVE-2005-0763: Buffer overflow in Midnight Commander (mc) 4
osv·2005-05-02·CVSS 4.6
CVE-2005-0763 [MEDIUM] CVE-2005-0763: Buffer overflow in Midnight Commander (mc) 4
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
Red Hat
security flaw
vendor_redhat·2005-03-29·CVSS 4.6
CVE-2005-0763 [MEDIUM] security flaw
security flaw
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
Debian
CVE-2005-0763: mc - Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attacker...
vendor_debian·2005·CVSS 4.6
CVE-2005-0763 [MEDIUM] CVE-2005-0763: mc - Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attacker...
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
Scope: local
bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1)
bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1)
forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1)
sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1)
trixie: resolved (fixed in 1:4.6.0-4.6.1-pre3-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-0763 security flaw
bugzilla·2018-08-16·CVSS 4.6
CVE-2005-0763 [MEDIUM] CVE-2005-0763 security flaw
CVE-2005-0763 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
Bugzilla
CAN-2004-1009 Multiple mc issues (CAN-2004-1090 CAN-2004-1091 CAN-2004-1093 CAN-2004-1174 CAN-2004-1175 CAN-2005-0763)
bugzilla·2005-05-24
[MEDIUM] CAN-2004-1009 Multiple mc issues (CAN-2004-1090 CAN-2004-1091 CAN-2004-1093 CAN-2004-1174 CAN-2004-1175 CAN-2005-0763)
CAN-2004-1009 Multiple mc issues (CAN-2004-1090 CAN-2004-1091 CAN-2004-1093 CAN-2004-1174 CAN-2004-1175 CAN-2005-0763)
During the FC4 security audit, we came across a number of mc issues that have
not been fixed. The CVE id's in the Summary is all we know at the moment.
Jindrich, what do you think will be the easiest way to fix all these?
Discussion:
Hello Josh,
There's Fedora Legacy bug 152889, where some things related to these issues are
discussed and some of the patches might be ported to our RHEL-2.1 mc. I'm not
sure at the moment whether all the fixes are incorporated there. I'll have a
closer look into this.
---
*** Bug 153985 has been marked as a duplicate of this bug. ***
---
Josh,
I backported fixes for CAN-2004-1009, CAN-2004-1090, CAN-2004-1091,
CAN-2004-1093, CAN-200
Bugzilla
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
bugzilla·2005-04-06
[MEDIUM] Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow
attackers to execute arbitrary code.
Only affects RHL 7.3
See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0763 and
http://www.debian.org/security/2005/dsa-698
Attachment is extracted patch for CAN-2005-0763 from mc-4.5.55-1.2woody6
mentioned in Debian advisory.
Discussion:
Created attachment 112755
Fix for CAN-2005-0763 (taken from Debian mc-4.5.55-1.2woody6).
---
Hello Leonard,
thanks for the patch. I'm not quite sure it's worth fixing as the buffer
overflowed of one single byte :)
---
The fix is now applied, thanks.
---
*** This bug has been marked as a duplicate of 158671 ***
Bugzilla
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
bugzilla·2005-04-06
[MEDIUM] Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow
attackers to execute arbitrary code.
Only affects RHL 7.3
See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0763 and
http://www.debian.org/security/2005/dsa-698
Attachment is extracted patch for CAN-2005-0763 from mc-4.5.55-1.2woody6
mentioned in Debian advisory.
Discussion:
Created attachment 112754
Fix for CAN-2005-0763 (taken from Debian mc-4.5.55-1.2woody6).
---
Tracked at bug 152889.
---
*** This bug has been marked as a duplicate of 152889 ***
2005-05-02
Published