Lucene search
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-3007.NASLHistoryMay 14, 2022 - 12:00 a.m.
Debian DLA-3007-1 : imagemagick - LTS security update
2022-05-1400:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
67.9%
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3007 advisory.
-
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2’s xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.
(CVE-2021-3596) -
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. (CVE-2022-28463)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dla-3007. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('compat.inc');
if (description)
{
script_id(161205);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/27");
script_cve_id("CVE-2021-3596", "CVE-2022-28463");
script_name(english:"Debian DLA-3007-1 : imagemagick - LTS security update");
script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing one or more security-related updates.");
script_set_attribute(attribute:"description", value:
"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the
dla-3007 advisory.
- A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage()
in coders/svg.c. This issue is due to not checking the return value from libxml2's
xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.
(CVE-2021-3596)
- ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. (CVE-2022-28463)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/imagemagick");
script_set_attribute(attribute:"see_also", value:"https://www.debian.org/lts/security/2022/dla-3007");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2021-3596");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-28463");
script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/stretch/imagemagick");
script_set_attribute(attribute:"solution", value:
"Upgrade the imagemagick packages.
For Debian 9 stretch, these problems have been fixed in version 8");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-28463");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/02/24");
script_set_attribute(attribute:"patch_publication_date", value:"2022/05/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/05/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:imagemagick");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:imagemagick-6-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:imagemagick-6-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:imagemagick-6.q16");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:imagemagick-6.q16hdri");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:imagemagick-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:imagemagick-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libimage-magick-perl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libimage-magick-q16-perl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libimage-magick-q16hdri-perl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagick++-6-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagick++-6.q16-7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagick++-6.q16-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagick++-6.q16hdri-7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagick++-6.q16hdri-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagick++-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickcore-6-arch-config");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickcore-6-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickcore-6.q16-3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickcore-6.q16-3-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickcore-6.q16-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickcore-6.q16hdri-3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickcore-6.q16hdri-3-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickcore-6.q16hdri-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickcore-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickwand-6-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickwand-6.q16-3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickwand-6.q16-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickwand-6.q16hdri-3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickwand-6.q16hdri-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libmagickwand-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:perlmagick");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Debian Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
var release = get_kb_item('Host/Debian/release');
if ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');
var release = chomp(release);
if (! preg(pattern:"^(9)\.[0-9]+", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);
var pkgs = [
{'release': '9.0', 'prefix': 'imagemagick', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'imagemagick-6-common', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'imagemagick-6-doc', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'imagemagick-6.q16', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'imagemagick-6.q16hdri', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'imagemagick-common', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'imagemagick-doc', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libimage-magick-perl', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libimage-magick-q16-perl', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libimage-magick-q16hdri-perl', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagick++-6-headers', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagick++-6.q16-7', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagick++-6.q16-dev', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagick++-6.q16hdri-7', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagick++-6.q16hdri-dev', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagick++-dev', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickcore-6-arch-config', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickcore-6-headers', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickcore-6.q16-3', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickcore-6.q16-3-extra', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickcore-6.q16-dev', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickcore-6.q16hdri-3', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickcore-6.q16hdri-3-extra', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickcore-6.q16hdri-dev', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickcore-dev', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickwand-6-headers', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickwand-6.q16-3', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickwand-6.q16-dev', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickwand-6.q16hdri-3', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickwand-6.q16hdri-dev', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'libmagickwand-dev', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'},
{'release': '9.0', 'prefix': 'perlmagick', 'reference': '8:6.9.7.4+dfsg-11+deb9u14'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var release = NULL;
var prefix = NULL;
var reference = NULL;
if (!empty_or_null(package_array['release'])) release = package_array['release'];
if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (release && prefix && reference) {
if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : deb_report_get()
);
exit(0);
}
else
{
var tested = deb_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'imagemagick / imagemagick-6-common / imagemagick-6-doc / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | imagemagick | p-cpe:/a:debian:debian_linux:imagemagick |
| debian | debian_linux | imagemagick-6-common | p-cpe:/a:debian:debian_linux:imagemagick-6-common |
| debian | debian_linux | imagemagick-6-doc | p-cpe:/a:debian:debian_linux:imagemagick-6-doc |
| debian | debian_linux | imagemagick-6.q16 | p-cpe:/a:debian:debian_linux:imagemagick-6.q16 |
| debian | debian_linux | imagemagick-6.q16hdri | p-cpe:/a:debian:debian_linux:imagemagick-6.q16hdri |
| debian | debian_linux | imagemagick-common | p-cpe:/a:debian:debian_linux:imagemagick-common |
| debian | debian_linux | imagemagick-doc | p-cpe:/a:debian:debian_linux:imagemagick-doc |
| debian | debian_linux | libimage-magick-perl | p-cpe:/a:debian:debian_linux:libimage-magick-perl |
| debian | debian_linux | libimage-magick-q16-perl | p-cpe:/a:debian:debian_linux:libimage-magick-q16-perl |
| debian | debian_linux | libimage-magick-q16hdri-perl | p-cpe:/a:debian:debian_linux:libimage-magick-q16hdri-perl |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3596
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28463
packages.debian.org/source/stretch/imagemagick
security-tracker.debian.org/tracker/CVE-2021-3596
security-tracker.debian.org/tracker/CVE-2022-28463
security-tracker.debian.org/tracker/source-package/imagemagick
www.debian.org/lts/security/2022/dla-3007
Related
debian
debian
[SECURITY] [DLA-3007-1] imagemagick security update
2022-05-14 13:28:05
[SECURITY] [DLA 3429-1] imagemagick security update
2023-05-21 22:21:07
[SECURITY] [DLA 3357-1] imagemagick security update
2023-03-11 19:39:30
openvas
openvas
Debian: Security Advisory (DLA-3007-1)
2022-05-15 00:00:00
Ubuntu: Security Advisory (USN-5456-1)
2022-06-02 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1762-1)
2022-05-23 00:00:00
osv
osv
imagemagick - security update
2022-05-14 00:00:00
imagemagick vulnerability
2022-06-01 15:02:31
CVE-2022-28463
2022-05-08 23:15:17
veracode
veracode
Buffer Overflow
2022-05-10 12:47:18
Denial Of Service (DoS)
2022-02-21 10:33:07
alpinelinux
alpinelinux
CVE-2022-28463
2022-05-08 23:15:17
CVE-2021-3596
2022-02-24 19:15:09
suse
suse
Security update for ImageMagick (moderate)
2022-05-20 00:00:00
Security update for ImageMagick (moderate)
2022-09-02 00:00:00
cve
cve
CVE-2022-28463
2022-05-08 23:15:17
CVE-2021-3596
2022-02-24 19:15:09
cloudfoundry
cloudfoundry
USN-5456-1: ImageMagick vulnerability | Cloud Foundry
2022-07-28 00:00:00
USN-5736-1: ImageMagick vulnerabilities | Cloud Foundry
2023-02-03 00:00:00
prion
prion
Buffer overflow
2022-05-08 23:15:00
Null pointer dereference
2022-02-24 19:15:00
ubuntucve
ubuntucve
CVE-2022-28463
2022-05-08 00:00:00
CVE-2021-3596
2022-02-24 00:00:00
cvelist
cvelist
CVE-2022-28463
2022-05-08 00:00:00
CVE-2021-3596
2022-02-24 00:00:00
redhatcve
redhatcve
CVE-2022-28463
2022-05-09 08:24:26
CVE-2021-3596
2021-06-10 18:13:52
nessus
nessus
SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2022:1762-1)
2022-05-21 00:00:00
Ubuntu 16.04 ESM / 18.04 LTS : ImageMagick vulnerability (USN-5456-1)
2022-06-01 00:00:00
EulerOS 2.0 SP8 : ImageMagick (EulerOS-SA-2022-2223)
2022-08-17 00:00:00
nvd
nvd
CVE-2022-28463
2022-05-08 23:15:17
CVE-2021-3596
2022-02-24 19:15:09
ubuntu
ubuntu
ImageMagick vulnerability
2022-06-01 00:00:00
ImageMagick vulnerabilities
2022-11-24 00:00:00
ImageMagick vulnerabilities
2022-11-24 00:00:00
debiancve
debiancve
CVE-2022-28463
2022-05-08 23:15:17
CVE-2021-3596
2022-02-24 19:15:09
amazon
amazon
Medium: ImageMagick
2023-09-13 23:44:00
Medium: ImageMagick
2023-03-02 22:35:00
Medium: ImageMagick
2023-03-02 20:22:00
cnvd
cnvd
ImageMagick code issue vulnerability (CNVD-2022-18008)
2022-02-25 00:00:00
redos
redos
ROS-20221121-03
2022-11-21 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0593
2023-06-08 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0402
2023-06-05 00:00:00
gentoo
gentoo
ImageMagick: Multiple Vulnerabilities
2024-05-04 00:00:00
mageia
mageia
Updated imagemagick packages fix security vulnerability
2022-12-07 02:32:48
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
67.9%
Related for DEBIAN_DLA-3007.NASL