Privilege Escalation via Malformed Directory Names in Midnight Commander (mc) 4.5.51 and Earlier

Privilege Escalation via Malformed Directory Names in Midnight Commander (mc) 4.5.51 and Earlier

CVE-2000-1109 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.

Learn more about our User Device Pen Test.