CVE-2000-1108

NONE EPSS 35.2%
Published Jan 9, 200125y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jan 9, 2001 25y ago
Last Modified Jun 16, 2026 2w ago

Description

cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument.

Threat Intelligence

EPSS Exploit Probability
35.2% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Affected Products 1

VendorProductVersionRange
midnight_commandermidnight_commander4.5.42any

References 5

Remediation

  • debian.org http://www.debian.org/security/2000/20001125
    PatchVendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/1945
    ExploitPatchVendor Advisory