Search...

CVE-2005-4808

2005-12-31T05:00:00

ID CVE-2005-4808
Type cve
Reporter cve@mitre.org
Modified 2017-07-20T01:29:00

Description

Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file. This vulnerability is addressed in the following patch: GNU, Binutils, patch 20050714

JSON Vulners Source

Initial Source

{"id": "CVE-2005-4808", "bulletinFamily": "NVD", "title": "CVE-2005-4808", "description": "Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file.\nThis vulnerability is addressed in the following patch:\r\nGNU, Binutils, patch 20050714", "published": "2005-12-31T05:00:00", "modified": "2017-07-20T01:29:00", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4808", "reporter": "cve@mitre.org", "references": ["http://www.ubuntu.com/usn/usn-366-1", "https://exchange.xforce.ibmcloud.com/vulnerabilities/44661", "http://sources.redhat.com/bugzilla/show_bug.cgi?id=1069"], "cvelist": ["CVE-2005-4808"], "type": "cve", "lastseen": "2019-05-29T18:08:16", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "420e321ebb518e74e1cabfe217e1feef"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "380cdef724c330271930031351ae9cad"}, {"key": "cpe23", "hash": "84c1b6610762ab0dd532e724dc8b54c2"}, {"key": "cvelist", "hash": "958d8725909222a1da197895961ac8e7"}, {"key": "cvss", "hash": "ed80408f65b06df34ed6dfdb743af507"}, {"key": "cvss2", "hash": "060e2da9a0c68c6b22054d4636a2b0bb"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "9f59b1996f361b7571a0c6919beb8774"}, {"key": "href", "hash": "169814cda33c9ac3171ca8fc2d103430"}, {"key": "modified", "hash": "8beb21540db0e4c02532c0e597356857"}, {"key": "published", "hash": "cf13c06c53ad3ab27a84a1152db56feb"}, {"key": "references", "hash": "c2e349fda8dc47cdbecf54dd0a930ea5"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "fde6cf50425a83abcc41dbfc7460f2b4"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "884cfef4ca7a6998521292cfb894f38dd888ef6a75a161c004a51228b794c092", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntu", "idList": ["USN-366-1"]}, {"type": "nessus", "idList": ["UBUNTU_USN-366-1.NASL"]}, {"type": "osvdb", "idList": ["OSVDB:29482"]}], "modified": "2019-05-29T18:08:16"}, "score": {"value": 5.3, "vector": "NONE", "modified": "2019-05-29T18:08:16"}, "vulnersScore": 5.3}, "objectVersion": "1.3", "cpe": ["cpe:/a:gnu:binutils:*"], "affectedSoftware": [{"name": "gnu binutils", "operator": "eq", "version": "*"}], "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": true}, "cvss3": {}, "cpe23": ["cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}

{"ubuntu": [{"lastseen": "2019-05-29T17:23:00", "bulletinFamily": "unix", "description": "A buffer overflow was discovered in gas (the GNU assembler). By tricking an user or automated system (like a compile farm) into assembling a specially crafted source file with gcc or gas, this could be exploited to execute arbitrary code with the user\u2019s privileges.", "modified": "2006-10-18T00:00:00", "published": "2006-10-18T00:00:00", "id": "USN-366-1", "href": "https://usn.ubuntu.com/366-1/", "title": "binutils vulnerability", "type": "ubuntu", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:25", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://sources.redhat.com/bugzilla/show_bug.cgi?id=1069\n[CVE-2005-4808](https://vulners.com/cve/CVE-2005-4808)\n", "modified": "2005-07-14T23:09:06", "published": "2005-07-14T23:09:06", "href": "https://vulners.com/osvdb/OSVDB:29482", "id": "OSVDB:29482", "title": "GNU Binutils config/tc-crx.c reset_vars Variable Overflow", "type": "osvdb", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-11-03T12:33:38", "bulletinFamily": "scanner", "description": "A buffer overflow was discovered in gas (the GNU assembler). By\ntricking an user or automated system (like a compile farm) into\nassembling a specially crafted source file with gcc or gas, this could\nbe exploited to execute arbitrary code with the user", "modified": "2019-11-02T00:00:00", "id": "UBUNTU_USN-366-1.NASL", "href": "https://www.tenable.com/plugins/nessus/27946", "published": "2007-11-10T00:00:00", "title": "Ubuntu 5.10 : binutils vulnerability (USN-366-1)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-366-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27946);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/08/02 13:33:01\");\n\n script_cve_id(\"CVE-2005-4808\");\n script_xref(name:\"USN\", value:\"366-1\");\n\n script_name(english:\"Ubuntu 5.10 : binutils vulnerability (USN-366-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow was discovered in gas (the GNU assembler). By\ntricking an user or automated system (like a compile farm) into\nassembling a specially crafted source file with gcc or gas, this could\nbe exploited to execute arbitrary code with the user's privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:binutils-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:binutils-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:binutils-multiarch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:binutils-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2007-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.10\", pkgname:\"binutils\", pkgver:\"2.16.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"binutils-dev\", pkgver:\"2.16.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"binutils-doc\", pkgver:\"2.16.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"binutils-multiarch\", pkgver:\"2.16.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"binutils-static\", pkgver:\"2.16.1-2ubuntu6.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"binutils / binutils-dev / binutils-doc / binutils-multiarch / etc\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}]}