CVE-2004-0232

Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://security.gentoo.org/glsa/glsa-200405-21.xml
http://www.debian.org/security/2004/dsa-497
http://www.mandriva.com/security/advisories?name=MDKSA-2004:039
http://www.novell.com/linux/security/advisories/2004_12_mc.html
http://www.redhat.com/support/errata/RHSA-2004-172.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/16021
http://security.gentoo.org/glsa/glsa-200405-21.xml
http://www.debian.org/security/2004/dsa-497
http://www.mandriva.com/security/advisories?name=MDKSA-2004:039
http://www.novell.com/linux/security/advisories/2004_12_mc.html
http://www.redhat.com/support/errata/RHSA-2004-172.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/16021

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:::::::*
	cpe:2.3:a:midnight_commander:midnight_commander:4.6:::::::*
	cpe:2.3:a:sgi:propack:2.3:::::::*
	cpe:2.3:a:sgi:propack:2.4:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:gentoo:linux:0.5:::::::*
	cpe:2.3:o:gentoo:linux:0.7:::::::*
	cpe:2.3:o:gentoo:linux:1.1a:::::::*
	cpe:2.3:o:gentoo:linux:1.2:::::::*
	cpe:2.3:o:gentoo:linux:1.4:::::::*
	cpe:2.3:o:gentoo:linux:1.4:rc1::::::
	cpe:2.3:o:gentoo:linux:1.4:rc2::::::
	cpe:2.3:o:gentoo:linux:1.4:rc3::::::
	cpe:2.3:o:slackware:slackware_linux::::::::
	cpe:2.3:o:slackware:slackware_linux:9.0:::::::*
	cpe:2.3:o:slackware:slackware_linux:9.1:::::::*

History

20 Nov 2024, 23:48

Type	Values Removed	Values Added
References	~~() http://security.gentoo.org/glsa/glsa-200405-21.xml -~~	() http://security.gentoo.org/glsa/glsa-200405-21.xml -
References	~~() http://www.debian.org/security/2004/dsa-497 -~~	() http://www.debian.org/security/2004/dsa-497 -
References	~~() http://www.mandriva.com/security/advisories?name=MDKSA-2004:039 -~~	() http://www.mandriva.com/security/advisories?name=MDKSA-2004:039 -
References	~~() http://www.novell.com/linux/security/advisories/2004_12_mc.html -~~	() http://www.novell.com/linux/security/advisories/2004_12_mc.html -
References	~~() http://www.redhat.com/support/errata/RHSA-2004-172.html -~~	() http://www.redhat.com/support/errata/RHSA-2004-172.html -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/16021 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/16021 -

Information

Published : 2004-08-18 04:00

Updated : 2024-11-20 23:48

NVD link : CVE-2004-0232

Mitre link : CVE-2004-0232

CVE.ORG link : CVE-2004-0232

JSON object : View

Products Affected

slackware

slackware_linux

sgi

propack

gentoo

linux

midnight_commander

midnight_commander

CWE

NVD-CWE-Other

5.0 /10