Network Security Audits / Vulnerability Assessments by SecuritySpace

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2005-61
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 01 Jun 2005
Last revised: 01 Jun 2005

Package: nasm

Summary: Buffer overflow vulnerability exists in nasm

More information:
    NASM is the Netwide Assembler, a free portable assembler for the Intel
    80x86 microprocessor series, using primarily the traditional Intel
    instruction mnemonics and syntax.

    A buffer overflow vulnerability exists in the nasm.

Impact:
    This vulerability could allow local users to execute arbitrary code.

Affected Products:
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux 8 Server

Solution:
    Please use the turbopkg (zabom) tool to apply the update.
---------------------------------------------
[Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F...,
  Turbolinux Home]
# turbopkg
or
# zabom -u nasm nasm-rdoff

[other]
# turbopkg
or
# zabom update nasm nasm-rdoff
---------------------------------------------

<Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/nasm-0.98.34-6.src.rpm
      1407988 5c8b5bd44a76b21f686acacebef1fcde

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/nasm-0.98.34-6.i586.rpm
       957153 9f101519310065b6429df5b4079d308b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/nasm-rdoff-0.98.34-6.i586.rpm
        44022 82f83a9eb52b40cc288ab444803cfaf1

<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/nasm-0.98.34-6.src.rpm
      1407988 c1c9fd85941a2be0ad8fe76f3ae91bf5

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/nasm-0.98.34-6.i586.rpm
       958373 2ba1a3b5fb16a52382471cbb7438836a
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/nasm-rdoff-0.98.34-6.i586.rpm
        44477 6bb3f2d5d3215f33270088c26827975f

<Turbolinux 8 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/nasm-0.98.34-6.src.rpm
      1407988 058c7a595e2feb668b8be6bb5be2b0bc

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/nasm-0.98.34-6.i586.rpm
       838641 3ae96e67fcbf71bee5e4ee0a37b45e8b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/nasm-rdoff-0.98.34-6.i586.rpm
        43763 50e8437b62428f1621ebcb51d10896d7

References:

CVE
   [CAN-2005-1194]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1194

--------------------------------------------------------------------------
Revision History
    01 Jun 2005 Initial release
--------------------------------------------------------------------------

Copyright(C) 2005 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFCnZMXK0LzjOqIJMwRAhHQAJ0T6eB+9ZFd2Y4nQoVwtrJ09c91OACfVdCi
pqSfJ3sI5GCI/Tg4hq5irs8=
=Wi7x
-----END PGP SIGNATURE-----