Red Hat Bugzilla – Bug 113850
CAN-2003-1023 mc stack overflow
Last modified: 2015-01-07 19:07:02 EST
A buffer overflow has been found in Midnight Commander's virtual
filesystem code. Specifically, a stack-based buffer overflow in
vfs_s_resolve_symlink of vfs/direntry.c allows remote attackers to
execute arbitrary code during symlink conversion.
Affects: 2.1AS 2.1AW 2.1ES 2.1WS
Affects: 3ES 3AW 3WS
Erratum in progress.
Actually, didn't ship in RHEL3.
An errata has been issued which should help the problem described in this bug report.
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen
this bug report if the solution does not work for you.