Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 754
Alerts This Week
Warning Icon 1 754

Mageia 8: 2022-0086 Moderate: mc SFTP Authentication Flaw

mageia
Calendar Grey March 6, 2022
Dist Mageia Esm H88
Unveil the Mageia 2022-0086 patch designed to address vulnerabilities in mc that impact SFTP link integrity and server validation protocols.
An issue was discovered in Midnight Commander through 4.8.26

Summary

An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity. (CVE-2021-36370)

References

- https://bugs.mageia.org/show_bug.cgi?id=30107

-

- https://www.cve.org/CVERecord?id=CVE-2021-36370

Resolution

SRPMS

- 8/core/mc-4.8.27-1.mga8

Publication date: 06 Mar 2022
URL: https://advisories.mageia.org/MGASA-2022-0086.html
Type: security
CVE: CVE-2021-36370

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.