Andrew V. Samoilov

**Name of the Vulnerable Software and Affected Versions** Midnight Commander versions 4.5.55 and earlier **Description** The issue allows attackers to execute arbitrary code due to a buffer overflow. Multiple vulnerabilities in the Midnight Commander package may lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. **Recommendations** For Midnight Commander versions 4.5.55 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Midnight Commander versions 4.5.55 and earlier mc versions 4.5.51 and earlier **Description** The issue allows remote attackers to cause a denial of service by triggering a null dereference, potentially leading to disruption of confidentiality, integrity, and availability of protected information. Exploitation of the vulnerabilities can be carried out remotely. **Recommendations** For Midnight Commander versions 4.5.55 and earlier, consider updating to a version later than 4.5.55 to resolve the issue. For mc versions 4.5.51 and earlier, consider updating to a version later than 4.5.51 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable Midnight Commander and mc packages until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Midnight Commander versions 4.5.55 and earlier **Description** Multiple format string vulnerabilities exist, allowing remote attackers to have an unknown impact. **Recommendations** For Midnight Commander versions 4.5.55 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Midnight Commander versions 4.5.55 and earlier **Description** The issue involves multiple buffer overflows, potentially allowing remote attackers to have an unknown impact. **Recommendations** For Midnight Commander versions 4.5.55 and earlier, update to a version later than 4.5.55 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Midnight Commander (mc) versions 4.5.55 and earlier **Description** A buffer underflow issue in the extfs.c file of Midnight Commander allows remote attackers to cause a denial of service and possibly execute arbitrary code. **Recommendations** For Midnight Commander (mc) versions 4.5.55 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.