Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2005:381
HistoryMay 04, 2005 - 5:06 p.m.

nasm security update

2005-05-0417:06:45
CentOS Project
lists.centos.org
53

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

79.9%

JSON

CentOS Errata and Security Advisory CESA-2005:381

NASM is an 80x86 assembler.

Two stack based buffer overflow bugs have been found in nasm. An attacker
could create an ASM file in such a way that when compiled by a victim,
could execute arbitrary code on their machine. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the names CAN-2004-1287
and CAN-2005-1194 to these issues.

All users of nasm are advised to upgrade to this updated package, which
contains backported fixes for these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-May/073788.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073789.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073790.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073792.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073793.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073797.html

Affected packages:
nasm
nasm-doc
nasm-rdoff

Upstream details at:
https://access.redhat.com/errata/RHSA-2005:381

Related

redhat 1
nessus 7
ubuntucve 2
nvd 2
debiancve 2
cve 2
cvelist 2
centos 1
debian 2
openvas 3
ubuntu 2
osv 1
redhat
redhat
(RHSA-2005:381) nasm security update
2005-05-04 00:00:00
nessus
nessus
RHEL 4 : nasm (RHSA-2005:381)
2005-05-04 00:00:00
CentOS 3 / 4 : nasm (CESA-2005:381)
2006-07-03 00:00:00
Debian DSA-623-1 : nasm - buffer overflow
2005-01-04 00:00:00
ubuntucve
ubuntucve
CVE-2005-1194
2005-05-04 00:00:00
CVE-2004-1287
2005-01-10 00:00:00
nvd
nvd
CVE-2004-1287
2005-01-10 05:00:00
CVE-2005-1194
2005-05-04 04:00:00
debiancve
debiancve
CVE-2005-1194
2005-05-04 04:00:00
CVE-2004-1287
2005-01-10 05:00:00
cve
cve
CVE-2005-1194
2005-05-04 04:00:00
CVE-2004-1287
2005-01-10 05:00:00
cvelist
cvelist
CVE-2005-1194
2005-05-04 04:00:00
CVE-2004-1287
2004-12-22 05:00:00
centos
centos
nasm security update
2005-05-05 01:47:27
debian
debian
[SECURITY] [DSA 623-1] New nasm packages fix arbitrary code execution
2005-01-04 15:26:37
[SECURITY] [DSA 623-1] New nasm packages fix arbitrary code execution
2005-01-04 15:26:37
openvas
openvas
Debian: Security Advisory (DSA-623-1)
2008-01-17 00:00:00
Ubuntu: Security Advisory (USN-45-1)
2022-08-26 00:00:00
Debian Security Advisory DSA 623-1 (nasm)
2008-01-17 00:00:00
ubuntu
ubuntu
nasm vulnerability
2004-12-22 00:00:00
nasm vulnerability
2005-05-18 00:00:00
osv
osv
nasm - buffer overflow
2005-01-04 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

79.9%

JSON
Related for CESA-2005:381
redhat1nessus7ubuntucve2nvd2debiancve2cve2cvelist2centos1debian2openvas3ubuntu2osv1