CVE-2000-1109

Sažetak

Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.

Reference

http://archives.neohapsis.com/archives/bugtraq/2000-11/0373.html
http://www.debian.org/security/2001/dsa-036
http://www.novell.com/linux/security/advisories/2001_011_mc.html
http://www.securityfocus.com/bid/2016
https://exchange.xforce.ibmcloud.com/vulnerabilities/5929

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

10-10-2017 - 01:29

Objavljeno

09-01-2001 - 05:00