Author: JT Smith
Posted at LWN.net: “The Midnight Commander, mc(1), is a ncurses-based file manager.
A local attacker could trick mc(1) into executing commands with
the privileges of the user running mc(1) by creating malicious
directory names. This attack leads to local privilege escalation.”
A local attacker could trick mc(1) into executing commands with
the privileges of the user running mc(1) by creating malicious
directory names. This attack leads to local privilege escalation.”
Category:
- Linux
