CVE-2008-2719
published 2008-06-16
CVE-2008-2719: Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash)…
Priority P3 · 36 · medium · 6.8 CVSS 2.0
AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 10.47% (95.2th percentile)
Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nasm | < nasm 2.03.01-1 (bookworm) | nasm 2.03.01-1 (bookworm) |
| nasm | nasm | >= 0 < 2.03.01-1 | 2.03.01-1 |
| nasm | nasm | >= 0 < 2.03.01-1 | 2.03.01-1 |
| nasm | nasm | >= 0 < 2.03.01-1 | 2.03.01-1 |
| nasm | nasm | >= 0 < 2.03.01-1 | 2.03.01-1 |
| nasm | netwide_assembler | <= 2.03.01 | — |
| nasm | netwide_assembler | — | — |
CVSS provenance
nvd · v2.0 · 6.8 MEDIUM · AV:N/AC:M/Au:N/C:P/I:P/A:P
osv · 6.8 MEDIUM
vendor_debian · 6.8 LOW
vendor_redhat · 6.8 MEDIUM
Ubuntu
nasm vulnerability
vendor_ubuntu·2008-09-30
CVE-2008-2719 nasm vulnerability
Title: nasm vulnerability
Summary: nasm vulnerability
Philipp Thomas discovered that the ppscan function of nasm contained
an off-by-one error. If a user or automated system were tricked into
assembling a specially crafted ASM file, a remote attacker could execute
arbitrary commands with user privileges.
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Red Hat
nasm: off-by-one error in the ppscan function
vendor_redhat·2008-04-14·CVSS 6.8
CVE-2008-2719 [MEDIUM] CWE-193 nasm: off-by-one error in the ppscan function
nasm: off-by-one error in the ppscan function
Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.
Statement: Not vulnerable. These issues did not affect the versions of NASM as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
Debian
CVE-2008-2719: nasm - Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) ...
vendor_debian·2008·CVSS 6.8
CVE-2008-2719 [MEDIUM] CVE-2008-2719: nasm - Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) ...
Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 2.03.01-1)
bullseye: resolved (fixed in 2.03.01-1)
forky: resolved (fixed in 2.03.01-1)
sid: resolved (fixed in 2.03.01-1)
trixie: resolved (fixed in 2.03.01-1)
Debian
CVE-2008-7177: nasm - Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01...
vendor_debian·2008·CVSS 6.8
CVE-2008-7177 [MEDIUM] CVE-2008-7177: nasm - Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01...
Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719.
Scope: local
bookworm: resolved (fixed in 2.03.01-1)
bullseye: resolved (fixed in 2.03.01-1)
forky: resolved (fixed in 2.03.01-1)
sid: resolved (fixed in 2.03.01-1)
trixie: resolved (fixed in 2.03.01-1)
Red Hat
nasm: listing module buffer overflow
vendor_redhat·CVSS 6.8
CVE-2008-7177 [MEDIUM] nasm: listing module buffer overflow
nasm: listing module buffer overflow
Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719.
Statement: Not vulnerable. This issue did not affect the versions of nasm as shipped with Red Hat Enterprise Linux 3, 4, or 5.
GHSA
GHSA-wx92-p8m2-phh4: Buffer overflow in the listing module in Netwide Assembler (NASM) before 2
ghsa_unreviewed·2022-05-14·CVSS 6.8
CVE-2008-7177 [MEDIUM] CWE-119 GHSA-wx92-p8m2-phh4: Buffer overflow in the listing module in Netwide Assembler (NASM) before 2
Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719.
GHSA
GHSA-p426-497v-jr36: Off-by-one error in the ppscan function (preproc
ghsa_unreviewed·2022-05-01
CVE-2008-2719 [MEDIUM] GHSA-p426-497v-jr36: Off-by-one error in the ppscan function (preproc
Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.
OSV
CVE-2008-7177: Buffer overflow in the listing module in Netwide Assembler (NASM) before 2
osv·2009-09-08·CVSS 6.8
CVE-2008-7177 [MEDIUM] CVE-2008-7177: Buffer overflow in the listing module in Netwide Assembler (NASM) before 2
Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719.
OSV
CVE-2008-2719: Off-by-one error in the ppscan function (preproc
osv·2008-06-16·CVSS 6.8
CVE-2008-2719 [MEDIUM] CVE-2008-2719: Off-by-one error in the ppscan function (preproc
Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.
No detection rules found.
Bugzilla
CVE-2008-7177 nasm: listing module buffer overflow
bugzilla·2009-09-10·CVSS 6.8
CVE-2008-7177 [MEDIUM] CVE-2008-7177 nasm: listing module buffer overflow
CVE-2008-7177 nasm: listing module buffer overflow
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-7177 to the following vulnerability:
Buffer overflow in the listing module in Netwide Assembler (NASM)
before 2.03.01 has unknown impact and attack vectors, a different
vulnerability than CVE-2008-2719.
References:
http://sourceforge.net/project/shownotes.php?release_id=607497
https://bugzilla.redhat.com/show_bug.cgi?id=452800
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01000.html
http://www.securityfocus.com/bid/29955
http://www.securitytracker.com/id?1020378
http://secunia.com/advisories/30836
http://www.vupen.com/english/advisories/2008/1939
Discussion:
Doing a bit more search around this...
This is full diff between 2.03 and 2.03.1:
http
Bugzilla
CVE-2008-2719 nasm: off-by-one error in the ppscan function
bugzilla·2008-06-18·CVSS 6.8
CVE-2008-2719 [MEDIUM] CVE-2008-2719 nasm: off-by-one error in the ppscan function
CVE-2008-2719 nasm: off-by-one error in the ppscan function
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-2719 to the following vulnerability:
Off-by-one error in the ppscan function (preproc.c) in Netwide
Assembler (NASM) 2.02 allows context-dependent attackers to cause a
denial of service (crash) and possibly execute arbitrary code via a
crafted file that triggers a stack-based buffer overflow.
Upstream bug report and patch:
https://sourceforge.net/tracker/?func=detail&atid=106208&aid=1942146&group_id=6208
http://repo.or.cz/w/nasm.git?a=commit;h=76ec8e73db16f4cf1453a142d03bcc74d528f72f
Other references:
http://www.openwall.com/lists/oss-security/2008/06/11/4
http://secunia.com/advisories/30594
http://www.frsirt.com/english/advisories/2008/1811
Discussion:
We
http://repo.or.cz/w/nasm.git?a=commit%3Bh=76ec8e73db16f4cf1453a142d03bcc74d528f72f
http://secunia.com/advisories/30594
http://secunia.com/advisories/32059
http://www.mandriva.com/security/advisories?name=MDVSA-2008:120
http://www.openwall.com/lists/oss-security/2008/06/11/4
http://www.openwall.com/lists/oss-security/2008/06/11/5
http://www.securityfocus.com/bid/29656
http://www.securitytracker.com/id?1020259
http://www.ubuntu.com/usn/usn-648-1
http://www.vupen.com/english/advisories/2008/1811
https://exchange.xforce.ibmcloud.com/vulnerabilities/42995
https://sourceforge.net/project/shownotes.php?group_id=6208&release_id=606115
https://sourceforge.net/tracker/?func=detail&atid=106208&aid=1942146&group_id=6208
Published: 2008-06-16