Описание
An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 3:4.8.27-1 |
| esm-apps/bionic | released | 3:4.8.19-1ubuntu0.1~esm1 |
| esm-apps/focal | released | 3:4.8.24-2ubuntu1+esm1 |
| esm-apps/jammy | released | 3:4.8.27-1 |
| esm-apps/noble | not-affected | 3:4.8.27-1 |
| esm-apps/xenial | released | 3:4.8.15-2ubuntu0.1~esm1 |
| esm-infra-legacy/trusty | released | 3:4.8.11-1ubuntu0.1~esm1 |
| focal | ignored | end of standard support, was needed |
| hirsute | ignored | end of life |
Показывать по
Ссылки на источники
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity.
An issue was discovered in Midnight Commander through 4.8.26. When est ...
An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity.
5 Medium
CVSS2
7.5 High
CVSS3