Debian Mc vulnerabilities

CVE-2023-45925 [LOW] CVE-2023-45925: mc - GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL po... GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function x_error_handler() at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem (an X operation silently fails). Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-36370 [HIGH] CVE-2021-36370: mc - An issue was discovered in Midnight Commander through 4.8.26. When establishing ... An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity. Scope: local bookworm: resolved (fixed in 3:4.8.27-1) bullseye: open forky: resolved (fixed in 3:4.8.27-1) sid: resolv

CVE-2012-4463 [MEDIUM] CVE-2012-4463: mc - Midnight Commander (mc) 4.8.5 does not properly handle the (1) MC_EXT_SELECTED o... Midnight Commander (mc) 4.8.5 does not properly handle the (1) MC_EXT_SELECTED or (2) MC_EXT_ONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name. Scope: local bookworm: resolved (fixed in 3:4.8.8-1) bullseye: resolved (fixed in 3:4.8.8-1) forky: resolved (fixe

CVE-2005-0763 [MEDIUM] CVE-2005-0763: mc - Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attacker... Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code. Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) trixie: resolved (fixed in 1:4.6.0-4.6.1-pre3-1)

CVE-2004-0226 [CRITICAL] CVE-2004-0226: mc - Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow atta... Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre1-2) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre1-2) forky: resolved (fixed in 1:4.6.0-4.6.1-pre1-2) sid: resolved (fixed in 1:4.6.0-4.6.1-pre1-2) trixie: resolved (fi

CVE-2004-1005 [HIGH] CVE-2004-1005: mc - Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow re... Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) trixie: resolved (fixed in 1:4.6.0-4.6.1-pre

CVE-2004-1176 [HIGH] CVE-2004-1176: mc - Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows... Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) tr

CVE-2004-1004 [HIGH] CVE-2004-1004: mc - Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and ear... Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) trixie: resolved (fixed in 1:4.

CVE-2004-1175 [HIGH] CVE-2004-1175: mc - fish.c in midnight commander allows remote attackers to execute arbitrary progra... fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) trixie: resol

CVE-2004-0232 [MEDIUM] CVE-2004-0232: mc - Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 m... Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre1-2) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre1-2) forky: resolved (fixed in 1:4.6.0-4.6.1-pre1-2) sid: resolved (fixed in 1:4.6.0-4.6.1-pre1-2) trixie: r

CVE-2004-1090 [MEDIUM] CVE-2004-1090: mc - Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a de... Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) trixie: resolved (fixed in 1:4.6.0-4

CVE-2004-1093 [MEDIUM] CVE-2004-1093: mc - Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a de... Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) trixie: resolved (fixed in 1:4.6.

CVE-2004-1092 [MEDIUM] CVE-2004-1092: mc - Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a de... Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) trixie: resolved (fixed in

CVE-2004-1009 [MEDIUM] CVE-2004-1009: mc - Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a de... Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) trixie: resolved (fixed

CVE-2004-1174 [MEDIUM] CVE-2004-1174: mc - direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cau... direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) trixie: resolved

CVE-2004-1091 [MEDIUM] CVE-2004-1091: mc - Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a de... Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) forky: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) sid: resolved (fixed in 1:4.6.0-4.6.1-pre3-1) trixie: resolved (fixed in 1:4.6.0

CVE-2004-0231 [LOW] CVE-2004-0231: mc - Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown i... Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre1-2) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre1-2) forky: resolved (fixed in 1:4.6.0-4.6.1-pre1-2) sid: resolved (fixed in 1:4.6.0-4.6.1-pre1-2) trixie: resolved (

CVE-2003-1023 [HIGH] CVE-2003-1023: mc - Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midni... Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion. Scope: local bookworm: resolved (fixed in 1:4.6.0-4.6.1-pre1-1) bullseye: resolved (fixed in 1:4.6.0-4.6.1-pre1-1) forky: resolved (fixed in 1:4.6.0-4.