CVE-2008-2719

Netwide Assembler 2.02 - Stack-Based Buffer Overflow in ppscan Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2719. PoCs published by Philipp Thomas.

AI-analyzed exploit summary This is a bootloader assembly code for SYSLINUX, which includes a buffer overflow vulnerability (CVE-2008-2719) due to inadequate boundary checks. The exploit could allow arbitrary code execution or denial-of-service in NASM 2.02 and prior versions.

Description

Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Philipp Thomas · assemblyremotelinux

https://www.exploit-db.com/exploits/31903

View Code ZIP pw:eip

This is a bootloader assembly code for SYSLINUX, which includes a buffer overflow vulnerability (CVE-2008-2719) due to inadequate boundary checks. The exploit could allow arbitrary code execution or denial-of-service in NASM 2.02 and prior versions.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: NASM 2.02 and prior

No auth needed

Prerequisites: User-supplied data with malicious input to trigger the buffer overflow

MITRE ATT&CK