CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
79.8%
CentOS Errata and Security Advisory CESA-2005:381-01
NASM is an 80x86 assembler.
Two stack based buffer overflow bugs have been found in nasm. An attacker
could create an ASM file in such a way that when compiled by a victim,
could execute arbitrary code on their machine. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the names CAN-2004-1287
and CAN-2005-1194 to these issues.
All users of nasm are advised to upgrade to this updated package, which
contains backported fixes for these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-May/073798.html
Affected packages:
nasm
nasm-doc
nasm-rdoff
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 2 | i386 | nasm | < 0.98-8.EL21 | nasm-0.98-8.EL21.i386.rpm |
CentOS | 2 | i386 | nasm-doc | < 0.98-8.EL21 | nasm-doc-0.98-8.EL21.i386.rpm |
CentOS | 2 | i386 | nasm-rdoff | < 0.98-8.EL21 | nasm-rdoff-0.98-8.EL21.i386.rpm |