CVE-2005-1679 - Remote Buffer Overflow vulnerability in Picasm Error Generation

CVSS 5.1 - MEDIUM
Attack vector: NETWORK
Attack complexity: HIGH
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
Tags: network, high complexity, timo-rossi, nessus, exploit available

Summary

Stack-based buffer overflow in the error directive in picasm 1.12b and earlier allows attackers to execute arbitrary code via a long error message.

Vulnerable Configurations

| Part | Description | Count |
|---|---|---|
| Application | Timo_Rossi | 1 |

Exploit-Db

description: Picasm 1.10/1.12 Error Generation Remote Buffer Overflow Vulnerability. CVE-2005-1679. Remote exploit for freebsd platform
id: EDB-ID:25687
last seen: 2016-02-03
modified: 2005-05-20
published: 2005-05-20
reporter: Shaun Colley
source: https://www.exploit-db.com/download/25687/
title: Picasm 1.10/1.12 Error Generation Remote Buffer Overflow Vulnerability

Nessus

NASL family: FreeBSD Local Security Checks
NASL id: FREEBSD_PKG_8A3ECE40331511DAA2630001020EED82.NASL
description: Shaun Colley reports: When generating error and warning messages, picasm copies strings into fixed length buffers without bounds checking. If an attacker could trick a user into assembling a source file with a malformed
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 21467
published: 2006-05-13
reporter: This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/21467
title: FreeBSD : picasm -- buffer overflow vulnerability (8a3ece40-3315-11da-a263-0001020eed82)