----------------------------------------------------------------------------
Debian Security Advisory DSA-036-1                       security@debian.org 
Debian -- Security Information                                Martin Schulze
March 7, 2001
----------------------------------------------------------------------------

Package        : mc
Vulnerability  : random program execution
Type           : local
Debian-specific: no
Fixed version  : 4.5.42-11.potato.6

It has been reported that a local user could tweak Midnight Commander
of another user into executing a random program under the user id of
the person running Midnight Commander.  This behaviour has been fixed
by Andrew V. Samoilov.

We recommend you upgrade your mc package.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 2.2 alias potato
------------------------------------

  Potato was released for the alpha, arm, i386, m68k, powerpc and sparc
  architectures.


  Source archives:

      
      MD5 checksum: bd8823e83ef37ada13ad7fc4ca3479c8
      
      MD5 checksum: c0e84f877cc4b4da15269811f1a538b4
      
      MD5 checksum: 0d2e63dd4b0c0a3d4d6c5933187ba222

  Intel ia32 architecture:

      
      MD5 checksum: 2d2eb51e9ae833b605fc54711cd229fc
      
      MD5 checksum: 45d65de62f5d7af29cf2ef3b9ab56fd8
      
      MD5 checksum: c58a97f08556e18b6d7f4ff657aa62b0

  Motorola 680x0 architecture:

      
      MD5 checksum: 081bbbf191842c7d404fd3e62afa0f7a
      
      MD5 checksum: 861d25b2ef64d7d6adaa4e3a43813ac6
      
      MD5 checksum: 574ef9ba296219900dc03463395c5171

  Sun Sparc architecture:

      
      MD5 checksum: b435261f1f200c7058df7f400927453a
      
      MD5 checksum: 71809b28c58361a6864985d3ce4e3e63
      
      MD5 checksum: b1e4af8190f56d0548ca4bdff0136fbf

  Alpha architecture:

      
      MD5 checksum: 7aa3bfac0ebf2e6c0cde6dc135d034e5
      
      MD5 checksum: d97fffed31c62ef9d57a7887f89d8bb9
      
      MD5 checksum: 3afa82d8e80787dc981d0b4e38ecd848

  PowerPC architecture:

      
      MD5 checksum: 32d8962f6bcb84b1ac85888a814e3030
      
      MD5 checksum: 7c73edf0a6eb656b61688a636f8bd9de
      
      MD5 checksum: c2a93b28fe53d9fb8f795382b5714b6c

  ARM architecture:

      
      MD5 checksum: 768f61217a7d020855b6b459c48abd45
      
      MD5 checksum: 051f01146c5053964039cf04b87365a1
      
      MD5 checksum: 023a2ee7f0915319fd33d9e5008533ec


  These files will be moved into
     soon.

For not yet released architectures please refer to the appropriate
directory    .

----------------------------------------------------------------------------
For apt-get: deb  Debian -- Security Information  stable/updates main
For dpkg-ftp:    dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and  http://packages.debian.org/

Debian: 'mc' vulnerability

March 7, 2001
It has been reported that a local user could tweak Midnight Commander of another user into executing a random program under the user id of the person running Midnight Commander.

Summary

It has been reported that a local user could tweak Midnight Commander
of another user into executing a random program under the user id of
the person running Midnight Commander. This behaviour has been fixed
by Andrew V. Samoilov.

We recommend you upgrade your mc package.

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 2.2 alias potato
------------------------------------

Potato was released for the alpha, arm, i386, m68k, powerpc and sparc
architectures.


Source archives:


MD5 checksum: bd8823e83ef37ada13ad7fc4ca3479c8

MD5 checksum: c0e84f877cc4b4da15269811f1a538b4

MD5 checksum: 0d2e63dd4b0c0a3d4d6c5933187ba222

Intel ia32 architecture:


MD5 checksum: 2d2eb51e9ae833b605fc54711cd229fc

MD5 checksum: 45d65de62f5d7af29cf2ef3b9ab56fd8

MD5 checksum: c58a97f08556e18b6d7f4ff657aa62b0

Motorola 680x0 architecture:


MD5 checksum: 081bbbf191842c7d404fd3e62afa0f7a

MD5 checksum: 861d25b2ef64d7d6adaa4e3a43813ac6

MD5 checksum: 574ef9ba296219900dc03463395c5171

Sun Sparc architecture:


MD5 checksum: b435261f1f200c7058df7f400927453a

MD5 checksum: 71809b28c58361a6864985d3ce4e3e63

MD5 checksum: b1e4af8190f56d0548ca4bdff0136fbf

Alpha architecture:


MD5 checksum: 7aa3bfac0ebf2e6c0cde6dc135d034e5

MD5 checksum: d97fffed31c62ef9d57a7887f89d8bb9

MD5 checksum: 3afa82d8e80787dc981d0b4e38ecd848

PowerPC architecture:


MD5 checksum: 32d8962f6bcb84b1ac85888a814e3030

MD5 checksum: 7c73edf0a6eb656b61688a636f8bd9de

MD5 checksum: c2a93b28fe53d9fb8f795382b5714b6c

ARM architecture:


MD5 checksum: 768f61217a7d020855b6b459c48abd45

MD5 checksum: 051f01146c5053964039cf04b87365a1

MD5 checksum: 023a2ee7f0915319fd33d9e5008533ec


These files will be moved into
soon.

For not yet released architectures please refer to the appropriate
directory .

----------------------------------------------------------------------------
For apt-get: deb Debian -- Security Information stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/




Severity
Package : mc
Vulnerability : random program execution
Type : local
Debian-specific: no
Fixed version : 4.5.42-11.potato.6

Related News

11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
1.Penguin Landscape Esm H320
1 - 2 min read
There are compelling arguments in favor of Linux over Windows for desktop usage. Let's explore some advantages of choosing Linux over Windows for

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved