CVE-2000-1109
Last modified
CVE-2000-1109 is a vulnerability of currently unknown severity. Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.. EPSS estimates a 0.34% chance of exploitation in the next 30 days.
Description
Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Midnight Commander | Midnight Commander | 4.5.40 |
| Midnight Commander | Midnight Commander | 4.5.41 |
| Midnight Commander | Midnight Commander | 4.5.42 |
| Midnight Commander | Midnight Commander | 4.5.43 |
| Midnight Commander | Midnight Commander | 4.5.44 |
| Midnight Commander | Midnight Commander | 4.5.45 |
| Midnight Commander | Midnight Commander | 4.5.46 |
| Midnight Commander | Midnight Commander | 4.5.47 |
| Midnight Commander | Midnight Commander | 4.5.48 |
| Midnight Commander | Midnight Commander | 4.5.49 |
| Midnight Commander | Midnight Commander | 4.5.50 |
| Midnight Commander | Midnight Commander | 4.5.51 |
References
- http://www.securityfocus.com/bid/2016Vendor Advisory
- http://www.securityfocus.com/bid/2016Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2000-1109?
How severe is CVE-2000-1109?
How do I fix CVE-2000-1109?
Are you affected by CVE-2000-1109?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST