Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
https://exchange.xforce.ibmcloud.com/vulnerabilities/16021
http://www.redhat.com/support/errata/RHSA-2004-172.html
http://www.novell.com/linux/security/advisories/2004_12_mc.html
http://www.mandriva.com/security/advisories?name=MDKSA-2004:039