CVE-2004-1175
NONE EPSS 73.2%
Published Apr 14, 200521y ago · Modified Jun 16, 20262w ago
Published Apr 14, 2005 21y ago
Last Modified Jun 16, 2026 2w ago
Description
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
Threat Intelligence
EPSS Exploit Probability
73.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 47
| Vendor | Product | Version | Range |
|---|---|---|---|
| midnight_commander | midnight_commander | 4.5.40 | any |
| midnight_commander | midnight_commander | 4.5.41 | any |
| midnight_commander | midnight_commander | 4.5.42 | any |
| midnight_commander | midnight_commander | 4.5.43 | any |
| midnight_commander | midnight_commander | 4.5.44 | any |
| midnight_commander | midnight_commander | 4.5.45 | any |
| midnight_commander | midnight_commander | 4.5.46 | any |
| midnight_commander | midnight_commander | 4.5.47 | any |
| midnight_commander | midnight_commander | 4.5.48 | any |
| midnight_commander | midnight_commander | 4.5.49 | any |
| midnight_commander | midnight_commander | 4.5.50 | any |
| midnight_commander | midnight_commander | 4.5.51 | any |
| midnight_commander | midnight_commander | 4.5.52 | any |
| midnight_commander | midnight_commander | 4.5.54 | any |
| midnight_commander | midnight_commander | 4.5.55 | any |
| midnight_commander | midnight_commander | 4.6 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| debian | debian_linux | 3.0 | any |
| gentoo | linux | * | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | enterprise_linux | 2.1 | any |
| redhat | linux_advanced_workstation | 2.1 | any |
| redhat | linux_advanced_workstation | 2.1 | any |
| suse | suse_linux | 8.0 | any |
| suse | suse_linux | 8.0 | any |
| suse | suse_linux | 8.1 | any |
| suse | suse_linux | 8.2 | any |
| suse | suse_linux | 9.0 | any |
| suse | suse_linux | 9.0 | any |
| suse | suse_linux | 9.1 | any |
| suse | suse_linux | 9.2 | any |
| turbolinux | turbolinux_server | 7.0 | any |
| turbolinux | turbolinux_server | 8.0 | any |
| turbolinux | turbolinux_workstation | 7.0 | any |
| turbolinux | turbolinux_workstation | 8.0 | any |
References 5
- secunia.com http://secunia.com/advisories/13863/
- securitytracker.com http://securitytracker.com/id?1012903
- debian.org http://www.debian.org/security/2005/dsa-639
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-512.html
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/18906
Remediation
- secunia.com http://secunia.com/advisories/13863/
- debian.org http://www.debian.org/security/2005/dsa-639