CVE-2004-0226: Buffer Overflow
First published: Wed May 05 2004(Updated: )
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNU Midnight Commander | =4.5.40 | |
| GNU Midnight Commander | =4.5.41 | |
| GNU Midnight Commander | =4.5.42 | |
| GNU Midnight Commander | =4.5.43 | |
| GNU Midnight Commander | =4.5.44 | |
| GNU Midnight Commander | =4.5.45 | |
| GNU Midnight Commander | =4.5.46 | |
| GNU Midnight Commander | =4.5.47 | |
| GNU Midnight Commander | =4.5.48 | |
| GNU Midnight Commander | =4.5.49 | |
| GNU Midnight Commander | =4.5.50 | |
| GNU Midnight Commander | =4.5.51 | |
| GNU Midnight Commander | =4.5.52 | |
| GNU Midnight Commander | =4.5.55 | |
| GNU Midnight Commander | =4.6 | |
| SGI ProPack | =2.3 | |
| SGI ProPack | =2.4 | |
| Gentoo Linux | =0.5 | |
| Gentoo Linux | =0.7 | |
| Gentoo Linux | =1.1a | |
| Gentoo Linux | =1.2 | |
| Gentoo Linux | =1.4 | |
| Gentoo Linux | =1.4-rc1 | |
| Gentoo Linux | =1.4-rc2 | |
| Gentoo Linux | =1.4-rc3 | |
| Slackware Linux | ||
| Slackware Linux | =9.0 | |
| Slackware Linux | =9.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.redhat.com/support/errata/RHSA-2004-172.html
- http://www.debian.org/security/2004/dsa-497
- http://www.novell.com/linux/security/advisories/2004_12_mc.html
- http://security.gentoo.org/glsa/glsa-200405-21.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:039
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16016
Frequently Asked Questions
What is the severity of CVE-2004-0226?
The severity of CVE-2004-0226 is considered high due to potential denial of service and arbitrary code execution risks.
How do I fix CVE-2004-0226?
To fix CVE-2004-0226, you should upgrade to Midnight Commander version 4.6.0 or later.
Which versions of Midnight Commander are affected by CVE-2004-0226?
CVE-2004-0226 affects multiple versions of Midnight Commander prior to 4.6.0, specifically versions 4.5.40 to 4.5.55.
What type of vulnerability is identified in CVE-2004-0226?
CVE-2004-0226 is classified as a buffer overflow vulnerability.
Can CVE-2004-0226 be exploited remotely?
Yes, CVE-2004-0226 can potentially be exploited remotely if the vulnerable software is exposed.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/midnight commander
- product/midnight commander
- canonical/midnight commander midnight commander
- vendor/sgi
- product/propack
- canonical/sgi propack
- vendor/slackware
- product/slackware linux
- canonical/slackware slackware linux
- vendor/gentoo
- product/linux
- canonical/gentoo linux
- canonical/gnu midnight commander
- version/gnu midnight commander/4.5.40
- version/gnu midnight commander/4.5.41
- version/gnu midnight commander/4.5.42
- version/gnu midnight commander/4.5.43
- version/gnu midnight commander/4.5.44
- version/gnu midnight commander/4.5.45
- version/gnu midnight commander/4.5.46
- version/gnu midnight commander/4.5.47
- version/gnu midnight commander/4.5.48
- version/gnu midnight commander/4.5.49
- version/gnu midnight commander/4.5.50
- version/gnu midnight commander/4.5.51
- version/gnu midnight commander/4.5.52
- version/gnu midnight commander/4.5.55
- version/gnu midnight commander/4.6
- version/sgi propack/2.3
- version/sgi propack/2.4
- version/gentoo linux/0.5
- version/gentoo linux/0.7
- version/gentoo linux/1.1a
- version/gentoo linux/1.2
- version/gentoo linux/1.4
- version/gentoo linux/1.4-rc1
- version/gentoo linux/1.4-rc2
- version/gentoo linux/1.4-rc3
- canonical/slackware linux
- version/slackware linux/9.0
- version/slackware linux/9.1