This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200412-20
(NASM: Buffer overflow vulnerability)
Jonathan Rockway discovered that NASM-0.98.38 has an unprotected
vsprintf() to an array in preproc.c. This code vulnerability may lead
to a buffer overflow and potential execution of arbitrary code.
A remote attacker could craft a malicious object file which, when
supplied in NASM, would result in the execution of arbitrary code with
the rights of the user running NASM.
There is no known workaround at this time.
See also :
All NASM users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-lang/nasm-0.98.38-r1'
Risk factor :
Family: Gentoo Local Security Checks
Nessus Plugin ID: 16010 (gentoo_GLSA-200412-20.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now