Fedora Local Security Checks : Fedora Core 2 FEDORA-2004-273 (mc)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.50399

Category: Fedora Local Security Checks

Title: Fedora Core 2 FEDORA-2004-273 (mc)

Summary: NOSUMMARY

Description: Description:

The remote host is missing an update to mc
announced via advisory FEDORA-2004-273.

Midnight Commander is a visual shell much like a file manager, only
with many more features. It is a text mode application, but it also
includes mouse support if you are running GPM. Midnight Commander's
best features are its ability to FTP, view tar and zip files, and to
poke into RPMs for specific files.

Update Information:

Security fix for http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127973.
CVE-2004-0494 extfs vfs vulnerability in mc

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

aadb93bb8a2b047c79a4c5be7da28edb SRPMS/mc-4.6.0-17.fc2.src.rpm
2907d996d845c03dd9ff5cc0bcf1ec84 x86_64/mc-4.6.0-17.fc2.x86_64.rpm
10fa4d7b2d7e7abc48015d23004c903b x86_64/debug/mc-debuginfo-4.6.0-17.fc2.x86_64.rpm
5da38fc92a6d8f57148d57eab6f6f251 i386/mc-4.6.0-17.fc2.i386.rpm
11104e0480ab66addf52e4f30b9e9870 i386/debug/mc-debuginfo-4.6.0-17.fc2.i386.rpm

This update can also be installed with the Update Agent
you can
launch the Update Agent with the 'up2date' command.

Solution: Apply the appropriate updates.
http://www.fedoranews.org/updates/FEDORA-2004-273.shtml

Risk factor : High

CVSS Score:
7.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2004-0494
https://bugzilla.fedora.us/show_bug.cgi?id=1944
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9854
http://www.redhat.com/support/errata/RHSA-2004-373.html
XForce ISS Database: gnome-vfs-extfs-gain-access(16897)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16897

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.50399
Category:	Fedora Local Security Checks
Title:	Fedora Core 2 FEDORA-2004-273 (mc)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to mc announced via advisory FEDORA-2004-273. Midnight Commander is a visual shell much like a file manager, only with many more features. It is a text mode application, but it also includes mouse support if you are running GPM. Midnight Commander's best features are its ability to FTP, view tar and zip files, and to poke into RPMs for specific files. Update Information: Security fix for http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127973. CVE-2004-0494 extfs vfs vulnerability in mc This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ aadb93bb8a2b047c79a4c5be7da28edb SRPMS/mc-4.6.0-17.fc2.src.rpm 2907d996d845c03dd9ff5cc0bcf1ec84 x86_64/mc-4.6.0-17.fc2.x86_64.rpm 10fa4d7b2d7e7abc48015d23004c903b x86_64/debug/mc-debuginfo-4.6.0-17.fc2.x86_64.rpm 5da38fc92a6d8f57148d57eab6f6f251 i386/mc-4.6.0-17.fc2.i386.rpm 11104e0480ab66addf52e4f30b9e9870 i386/debug/mc-debuginfo-4.6.0-17.fc2.i386.rpm This update can also be installed with the Update Agent you can launch the Update Agent with the 'up2date' command. Solution: Apply the appropriate updates. http://www.fedoranews.org/updates/FEDORA-2004-273.shtml Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0494 https://bugzilla.fedora.us/show_bug.cgi?id=1944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9854 http://www.redhat.com/support/errata/RHSA-2004-373.html XForce ISS Database: gnome-vfs-extfs-gain-access(16897) https://exchange.xforce.ibmcloud.com/vulnerabilities/16897
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com