CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
79.8%
CentOS Errata and Security Advisory CESA-2005:381
NASM is an 80x86 assembler.
Two stack based buffer overflow bugs have been found in nasm. An attacker
could create an ASM file in such a way that when compiled by a victim,
could execute arbitrary code on their machine. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the names CAN-2004-1287
and CAN-2005-1194 to these issues.
All users of nasm are advised to upgrade to this updated package, which
contains backported fixes for these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-May/073788.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073789.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073790.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073792.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073793.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073797.html
Affected packages:
nasm
nasm-doc
nasm-rdoff
Upstream details at:
https://access.redhat.com/errata/RHSA-2005:381
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | ia64 | nasm | < 0.98.38-3.EL4 | nasm-0.98.38-3.EL4.ia64.rpm |
CentOS | 4 | ia64 | nasm-doc | < 0.98.38-3.EL4 | nasm-doc-0.98.38-3.EL4.ia64.rpm |
CentOS | 4 | ia64 | nasm-rdoff | < 0.98.38-3.EL4 | nasm-rdoff-0.98.38-3.EL4.ia64.rpm |
CentOS | 3 | ia64 | nasm | < 0.98.35-3.EL3 | nasm-0.98.35-3.EL3.ia64.rpm |
CentOS | 3 | ia64 | nasm-doc | < 0.98.35-3.EL3 | nasm-doc-0.98.35-3.EL3.ia64.rpm |
CentOS | 3 | ia64 | nasm-rdoff | < 0.98.35-3.EL3 | nasm-rdoff-0.98.35-3.EL3.ia64.rpm |
CentOS | 3 | s390 | nasm | < 0.98.35-3.EL3 | nasm-0.98.35-3.EL3.s390.rpm |
CentOS | 3 | s390 | nasm-doc | < 0.98.35-3.EL3 | nasm-doc-0.98.35-3.EL3.s390.rpm |
CentOS | 3 | s390 | nasm-rdoff | < 0.98.35-3.EL3 | nasm-rdoff-0.98.35-3.EL3.s390.rpm |
CentOS | 3 | s390x | nasm | < 0.98.35-3.EL3 | nasm-0.98.35-3.EL3.s390x.rpm |