Back to search
CVE-2000-1108
Published: May 7, 2001
Modified: Aug 8, 2024
PUBLISHED
Description
cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20001113 Problems with cons.saver
mailing-list
x_refsource_BUGTRAQ
1945
vdb-entry
x_refsource_BID
midnight-commander-conssaver-symlink(5519)
vdb-entry
x_refsource_XF
MDKSA-2000:078
vendor-advisory
x_refsource_MANDRAKE
20001125 mc: local DoS
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now