CVE-2000-1109

Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.

Published: Jan 9, 2001
Updated: Apr 13, 2023
CVE: CVE-2000-1109
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
midnight_commander / midnight_commander	4.5.48	4.5.48.x
midnight_commander / midnight_commander	4.5.40	4.5.40.x
midnight_commander / midnight_commander	4.5.43	4.5.43.x
midnight_commander / midnight_commander	4.5.50	4.5.50.x
midnight_commander / midnight_commander	4.5.49	4.5.49.x
midnight_commander / midnight_commander	4.5.42	4.5.42.x
midnight_commander / midnight_commander	4.5.45	4.5.45.x
midnight_commander / midnight_commander	4.5.44	4.5.44.x
midnight_commander / midnight_commander	4.5.41	4.5.41.x
midnight_commander / midnight_commander	4.5.46	4.5.46.x
midnight_commander / midnight_commander	4.5.47	4.5.47.x
midnight_commander / midnight_commander	4.5.51	4.5.51.x

Vulnerability Database

289,697

CVE-2000-1109