Midnight Commander ≫ Midnight Commander

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.

Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.

Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."

Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.

Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted text file.

Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the co...

cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as...

FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.