Search...

GLSA-200505-16 : ImageMagick, GraphicsMagick: Denial of Service vulnerability

2005-05-28T00:00:00

ID GENTOO_GLSA-200505-16.NASL
Type nessus
Reporter This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.
Modified 2005-05-28T00:00:00

Description

The remote host is affected by the vulnerability described in GLSA-200505-16 (ImageMagick, GraphicsMagick: Denial of Service vulnerability)

Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a
Denial of Service vulnerability in the XWD decoder of ImageMagick and
GraphicsMagick when setting a color mask to zero.

Impact :

A remote attacker could submit a specially crafted image to a user or
an automated system making use of an affected utility, resulting in a
Denial of Service by consumption of CPU time.

Workaround :

There is no known workaround at this time.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200505-16.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(18380);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2005-1739");
  script_xref(name:"GLSA", value:"200505-16");

  script_name(english:"GLSA-200505-16 : ImageMagick, GraphicsMagick: Denial of Service vulnerability");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200505-16
(ImageMagick, GraphicsMagick: Denial of Service vulnerability)

    Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a
    Denial of Service vulnerability in the XWD decoder of ImageMagick and
    GraphicsMagick when setting a color mask to zero.
  
Impact :

    A remote attacker could submit a specially crafted image to a user or
    an automated system making use of an affected utility, resulting in a
    Denial of Service by consumption of CPU time.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200505-16"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All ImageMagick users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '&gt;=media-gfx/imagemagick-6.2.2.3'
    All GraphicsMagick users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '&gt;=media-gfx/graphicsmagick-1.1.6-r1'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:graphicsmagick");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:imagemagick");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2005/05/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2005/05/28");
  script_set_attribute(attribute:"vuln_publication_date", value:"2005/05/21");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"media-gfx/imagemagick", unaffected:make_list("ge 6.2.2.3"), vulnerable:make_list("lt 6.2.2.3"))) flag++;
if (qpkg_check(package:"media-gfx/graphicsmagick", unaffected:make_list("ge 1.1.6-r1"), vulnerable:make_list("lt 1.1.6-r1"))) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_warning(port:0, extra:qpkg_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ImageMagick / GraphicsMagick");
}

JSON Vulners Source

Initial Source

{"id": "GENTOO_GLSA-200505-16.NASL", "bulletinFamily": "scanner", "title": "GLSA-200505-16 : ImageMagick, GraphicsMagick: Denial of Service vulnerability", "description": "The remote host is affected by the vulnerability described in GLSA-200505-16\n(ImageMagick, GraphicsMagick: Denial of Service vulnerability)\n\n Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a\n Denial of Service vulnerability in the XWD decoder of ImageMagick and\n GraphicsMagick when setting a color mask to zero.\n \nImpact :\n\n A remote attacker could submit a specially crafted image to a user or\n an automated system making use of an affected utility, resulting in a\n Denial of Service by consumption of CPU time.\n \nWorkaround :\n\n There is no known workaround at this time.", "published": "2005-05-28T00:00:00", "modified": "2005-05-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/18380", "reporter": "This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.", "references": ["https://security.gentoo.org/glsa/200505-16"], "cvelist": ["CVE-2005-1739"], "type": "nessus", "lastseen": "2021-01-07T10:51:57", "edition": 24, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-1739"]}, {"type": "osvdb", "idList": ["OSVDB:16774"]}, {"type": "openvas", "idList": ["OPENVAS:54948"]}, {"type": "centos", "idList": ["CESA-2005:480-01", "CESA-2005:480"]}, {"type": "gentoo", "idList": ["GLSA-200505-16"]}, {"type": "redhat", "idList": ["RHSA-2005:480"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2005-480.NASL", "MANDRAKE_MDKSA-2005-107.NASL", "REDHAT-RHSA-2005-480.NASL"]}, {"type": "ubuntu", "idList": ["USN-132-1"]}], "modified": "2021-01-07T10:51:57", "rev": 2}, "score": {"value": 4.6, "vector": "NONE", "modified": "2021-01-07T10:51:57", "rev": 2}, "vulnersScore": 4.6}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200505-16.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18380);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-1739\");\n script_xref(name:\"GLSA\", value:\"200505-16\");\n\n script_name(english:\"GLSA-200505-16 : ImageMagick, GraphicsMagick: Denial of Service vulnerability\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200505-16\n(ImageMagick, GraphicsMagick: Denial of Service vulnerability)\n\n Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a\n Denial of Service vulnerability in the XWD decoder of ImageMagick and\n GraphicsMagick when setting a color mask to zero.\n \nImpact :\n\n A remote attacker could submit a specially crafted image to a user or\n an automated system making use of an affected utility, resulting in a\n Denial of Service by consumption of CPU time.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200505-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ImageMagick users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/imagemagick-6.2.2.3'\n All GraphicsMagick users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/graphicsmagick-1.1.6-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:graphicsmagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:imagemagick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/05/28\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-gfx/imagemagick\", unaffected:make_list(\"ge 6.2.2.3\"), vulnerable:make_list(\"lt 6.2.2.3\"))) flag++;\nif (qpkg_check(package:\"media-gfx/graphicsmagick\", unaffected:make_list(\"ge 1.1.6-r1\"), vulnerable:make_list(\"lt 1.1.6-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick / GraphicsMagick\");\n}\n", "naslFamily": "Gentoo Local Security Checks", "pluginID": "18380", "cpe": ["p-cpe:/a:gentoo:linux:graphicsmagick", "cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:imagemagick"], "scheme": null}

{"cve": [{"lastseen": "2020-10-03T11:34:54", "description": "The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.", "edition": 3, "cvss3": {}, "published": "2005-05-24T04:00:00", "title": "CVE-2005-1739", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-1739"], "modified": "2018-10-03T21:30:00", "cpe": ["cpe:/a:graphicsmagick:graphicsmagick:1.1.3", "cpe:/a:imagemagick:imagemagick:6.2.0.7", "cpe:/a:imagemagick:imagemagick:6.1.8", "cpe:/a:imagemagick:imagemagick:6.0.6", "cpe:/a:imagemagick:imagemagick:5.3.3", "cpe:/a:graphicsmagick:graphicsmagick:1.0.6", "cpe:/a:imagemagick:imagemagick:6.0.2.5", "cpe:/a:imagemagick:imagemagick:5.5.6", "cpe:/a:imagemagick:imagemagick:5.4.7", "cpe:/a:imagemagick:imagemagick:6.2.2", "cpe:/a:imagemagick:imagemagick:6.2.1", "cpe:/a:imagemagick:imagemagick:5.4.8.2.1.1.0", "cpe:/a:imagemagick:imagemagick:6.1", "cpe:/a:imagemagick:imagemagick:5.4.8", "cpe:/a:imagemagick:imagemagick:6.0.3", "cpe:/a:imagemagick:imagemagick:6.0.5", "cpe:/a:imagemagick:imagemagick:6.1.3", "cpe:/a:imagemagick:imagemagick:6.2", "cpe:/a:graphicsmagick:graphicsmagick:1.1.6", "cpe:/a:imagemagick:imagemagick:5.5.4", "cpe:/a:imagemagick:imagemagick:6.2.0.4", "cpe:/a:imagemagick:imagemagick:5.5.7", "cpe:/a:graphicsmagick:graphicsmagick:1.0", "cpe:/a:imagemagick:imagemagick:6.0", "cpe:/a:imagemagick:imagemagick:6.1.2", "cpe:/a:imagemagick:imagemagick:6.0.2", "cpe:/a:imagemagick:imagemagick:6.0.4", "cpe:/a:imagemagick:imagemagick:5.5.3.2.1.2.0", "cpe:/a:imagemagick:imagemagick:6.1.5", "cpe:/a:imagemagick:imagemagick:6.0.8", "cpe:/a:graphicsmagick:graphicsmagick:1.1", "cpe:/a:imagemagick:imagemagick:6.1.7", "cpe:/a:graphicsmagick:graphicsmagick:1.1.5", "cpe:/a:imagemagick:imagemagick:5.4.3", "cpe:/a:imagemagick:imagemagick:5.3.8", "cpe:/a:imagemagick:imagemagick:6.1.1.6", "cpe:/a:imagemagick:imagemagick:6.0.1", "cpe:/a:imagemagick:imagemagick:6.1.4", "cpe:/a:imagemagick:imagemagick:5.5.6.0_2003-04-09", "cpe:/a:imagemagick:imagemagick:6.1.6", "cpe:/a:imagemagick:imagemagick:5.4.4.5", "cpe:/a:imagemagick:imagemagick:6.0.7", "cpe:/a:graphicsmagick:graphicsmagick:1.1.4"], "id": "CVE-2005-1739", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1739", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:5.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*", "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:5.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.0.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:graphicsmagick:graphicsmagick:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:graphicsmagick:graphicsmagick:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:5.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.1.3:*:*:*:*:*:*:*"]}], "osvdb": [{"lastseen": "2017-04-28T13:20:13", "bulletinFamily": "software", "cvelist": ["CVE-2005-1739"], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:15530](https://secuniaresearch.flexerasoftware.com/advisories/15530/)\n[Secunia Advisory ID:15581](https://secuniaresearch.flexerasoftware.com/advisories/15581/)\n[Secunia Advisory ID:15848](https://secuniaresearch.flexerasoftware.com/advisories/15848/)\n[Secunia Advisory ID:15429](https://secuniaresearch.flexerasoftware.com/advisories/15429/)\n[Secunia Advisory ID:15453](https://secuniaresearch.flexerasoftware.com/advisories/15453/)\nRedHat RHSA: RHSA-2005:480\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200505-16.xml\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:107\n[CVE-2005-1739](https://vulners.com/cve/CVE-2005-1739)\n", "modified": "2005-05-21T05:33:04", "published": "2005-05-21T05:33:04", "href": "https://vulners.com/osvdb/OSVDB:16774", "id": "OSVDB:16774", "type": "osvdb", "title": "ImageMagick XWD Color Mask Decoding DoS", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1739"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200505-16.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54948", "href": "http://plugins.openvas.org/nasl.php?oid=54948", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200505-16 (ImageMagick)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ImageMagick and GraphicsMagick utilities can be abused to perform a Denial\nof Service attack.\";\ntag_solution = \"All ImageMagick users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/imagemagick-6.2.2.3'\n\nAll GraphicsMagick users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n'>=media-gfx/graphicsmagick-1.1.6-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200505-16\nhttp://bugs.gentoo.org/show_bug.cgi?id=90423\nhttp://bugs.gentoo.org/show_bug.cgi?id=90595\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200505-16.\";\n\n \n\nif(description)\n{\n script_id(54948);\n script_cve_id(\"CVE-2005-1739\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_name(\"Gentoo Security Advisory GLSA 200505-16 (ImageMagick)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-gfx/imagemagick\", unaffected: make_list(\"ge 6.2.2.3\"), vulnerable: make_list(\"lt 6.2.2.3\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"media-gfx/graphicsmagick\", unaffected: make_list(\"ge 1.1.6-r1\"), vulnerable: make_list(\"lt 1.1.6-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2019-12-20T18:27:48", "bulletinFamily": "unix", "cvelist": ["CVE-2005-1739"], "description": "**CentOS Errata and Security Advisory** CESA-2005:480\n\n\nImageMagick(TM) is an image display and manipulation tool for the X Window\r\nSystem that can read and write multiple image formats.\r\n\r\nA denial of service bug was found in the way ImageMagick parses XWD files.\r\nA user or program executing ImageMagick to process a malicious XWD file can\r\ncause ImageMagick to enter an infinite loop causing a denial of service\r\ncondition. The Common Vulnerabilities and Exposures project (cve.mitre.org)\r\nhas assigned the name CAN-2005-1739 to this issue.\r\n\r\nUsers of ImageMagick should upgrade to these updated packages, which\r\ncontain a backported patch, and are not vulnerable to this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-June/023818.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-June/023819.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-June/023827.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-June/023828.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-June/023829.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-June/023830.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-June/023831.html\n\n**Affected packages:**\nImageMagick\nImageMagick-c++\nImageMagick-c++-devel\nImageMagick-devel\nImageMagick-perl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2005-480.html", "edition": 4, "modified": "2005-06-03T10:26:43", "published": "2005-06-02T15:28:25", "href": "http://lists.centos.org/pipermail/centos-announce/2005-June/023818.html", "id": "CESA-2005:480", "title": "ImageMagick security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:27:44", "bulletinFamily": "unix", "cvelist": ["CVE-2005-1739"], "description": "**CentOS Errata and Security Advisory** CESA-2005:480-01\n\n\nImageMagick(TM) is an image display and manipulation tool for the X Window\r\nSystem that can read and write multiple image formats.\r\n\r\nA denial of service bug was found in the way ImageMagick parses XWD files.\r\nA user or program executing ImageMagick to process a malicious XWD file can\r\ncause ImageMagick to enter an infinite loop causing a denial of service\r\ncondition. The Common Vulnerabilities and Exposures project (cve.mitre.org)\r\nhas assigned the name CAN-2005-1739 to this issue.\r\n\r\nUsers of ImageMagick should upgrade to these updated packages, which\r\ncontain a backported patch, and are not vulnerable to this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-June/023833.html\n\n**Affected packages:**\nImageMagick\nImageMagick-c++\nImageMagick-c++-devel\nImageMagick-devel\nImageMagick-perl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 4, "modified": "2005-06-05T22:53:01", "published": "2005-06-05T22:53:01", "href": "http://lists.centos.org/pipermail/centos-announce/2005-June/023833.html", "id": "CESA-2005:480-01", "title": "ImageMagick security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:31", "bulletinFamily": "unix", "cvelist": ["CVE-2005-1739"], "edition": 1, "description": "### Background\n\nBoth ImageMagick and GraphicsMagick are collection of tools to read, write and manipulate images in many formats. \n\n### Description\n\nTavis Ormandy of the Gentoo Linux Security Audit Team discovered a Denial of Service vulnerability in the XWD decoder of ImageMagick and GraphicsMagick when setting a color mask to zero. \n\n### Impact\n\nA remote attacker could submit a specially crafted image to a user or an automated system making use of an affected utility, resulting in a Denial of Service by consumption of CPU time. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll ImageMagick users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/imagemagick-6.2.2.3\"\n\nAll GraphicsMagick users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/graphicsmagick-1.1.6-r1\"", "modified": "2006-05-22T00:00:00", "published": "2005-05-21T00:00:00", "id": "GLSA-200505-16", "href": "https://security.gentoo.org/glsa/200505-16", "type": "gentoo", "title": "ImageMagick, GraphicsMagick: Denial of Service vulnerability", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-06T09:24:50", "description": "Updated ImageMagick packages that fix a denial of service issue are\nnow available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nImageMagick(TM) is an image display and manipulation tool for the X\nWindow System that can read and write multiple image formats.\n\nA denial of service bug was found in the way ImageMagick parses XWD\nfiles. A user or program executing ImageMagick to process a malicious\nXWD file can cause ImageMagick to enter an infinite loop causing a\ndenial of service condition. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2005-1739 to this\nissue.\n\nUsers of ImageMagick should upgrade to these updated packages, which\ncontain a backported patch, and are not vulnerable to this issue.", "edition": 26, "published": "2006-07-03T00:00:00", "title": "CentOS 3 / 4 : ImageMagick (CESA-2005:480)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1739"], "modified": "2006-07-03T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ImageMagick", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:ImageMagick-c++", "p-cpe:/a:centos:centos:ImageMagick-devel", "p-cpe:/a:centos:centos:ImageMagick-perl", "p-cpe:/a:centos:centos:ImageMagick-c++-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2005-480.NASL", "href": "https://www.tenable.com/plugins/nessus/21831", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:480 and \n# CentOS Errata and Security Advisory 2005:480 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21831);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-1739\");\n script_bugtraq_id(13705);\n script_xref(name:\"RHSA\", value:\"2005:480\");\n\n script_name(english:\"CentOS 3 / 4 : ImageMagick (CESA-2005:480)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ImageMagick packages that fix a denial of service issue are\nnow available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nImageMagick(TM) is an image display and manipulation tool for the X\nWindow System that can read and write multiple image formats.\n\nA denial of service bug was found in the way ImageMagick parses XWD\nfiles. A user or program executing ImageMagick to process a malicious\nXWD file can cause ImageMagick to enter an infinite loop causing a\ndenial of service condition. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2005-1739 to this\nissue.\n\nUsers of ImageMagick should upgrade to these updated packages, which\ncontain a backported patch, and are not vulnerable to this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-June/011780.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b71a00cb\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-June/011781.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?066bfd33\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-June/011789.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?79ab51a7\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-June/011790.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b65e4785\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-June/011792.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b2324c00\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-June/011793.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7aeea7f7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected imagemagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ImageMagick-c++\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ImageMagick-c++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ImageMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ImageMagick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"ImageMagick-5.5.6-15\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"ImageMagick-c++-5.5.6-15\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"ImageMagick-c++-devel-5.5.6-15\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"ImageMagick-devel-5.5.6-15\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"ImageMagick-perl-5.5.6-15\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", reference:\"ImageMagick-6.0.7.1-12\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ImageMagick-c++-6.0.7.1-12\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ImageMagick-c++-devel-6.0.7.1-12\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ImageMagick-devel-6.0.7.1-12\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"ImageMagick-perl-6.0.7.1-12\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick / ImageMagick-c++ / ImageMagick-c++-devel / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:05:29", "description": "Updated ImageMagick packages that fix a denial of service issue are\nnow available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nImageMagick(TM) is an image display and manipulation tool for the X\nWindow System that can read and write multiple image formats.\n\nA denial of service bug was found in the way ImageMagick parses XWD\nfiles. A user or program executing ImageMagick to process a malicious\nXWD file can cause ImageMagick to enter an infinite loop causing a\ndenial of service condition. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2005-1739 to this\nissue.\n\nUsers of ImageMagick should upgrade to these updated packages, which\ncontain a backported patch, and are not vulnerable to this issue.", "edition": 27, "published": "2005-06-06T00:00:00", "title": "RHEL 2.1 / 3 / 4 : ImageMagick (RHSA-2005:480)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1739"], "modified": "2005-06-06T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:ImageMagick-c++", "p-cpe:/a:redhat:enterprise_linux:ImageMagick", "p-cpe:/a:redhat:enterprise_linux:ImageMagick-perl", "p-cpe:/a:redhat:enterprise_linux:ImageMagick-devel", "p-cpe:/a:redhat:enterprise_linux:ImageMagick-c++-devel"], "id": "REDHAT-RHSA-2005-480.NASL", "href": "https://www.tenable.com/plugins/nessus/18422", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:480. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18422);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-1739\");\n script_bugtraq_id(13705);\n script_xref(name:\"RHSA\", value:\"2005:480\");\n\n script_name(english:\"RHEL 2.1 / 3 / 4 : ImageMagick (RHSA-2005:480)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ImageMagick packages that fix a denial of service issue are\nnow available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nImageMagick(TM) is an image display and manipulation tool for the X\nWindow System that can read and write multiple image formats.\n\nA denial of service bug was found in the way ImageMagick parses XWD\nfiles. A user or program executing ImageMagick to process a malicious\nXWD file can cause ImageMagick to enter an infinite loop causing a\ndenial of service condition. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2005-1739 to this\nissue.\n\nUsers of ImageMagick should upgrade to these updated packages, which\ncontain a backported patch, and are not vulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-1739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:480\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ImageMagick-c++\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ImageMagick-c++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ImageMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ImageMagick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/06/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:480\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"ImageMagick-5.3.8-11\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"ImageMagick-c++-5.3.8-11\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"ImageMagick-c++-devel-5.3.8-11\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"ImageMagick-devel-5.3.8-11\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"ImageMagick-perl-5.3.8-11\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"ImageMagick-5.5.6-15\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"ImageMagick-c++-5.5.6-15\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"ImageMagick-c++-devel-5.5.6-15\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"ImageMagick-devel-5.5.6-15\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"ImageMagick-perl-5.5.6-15\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"ImageMagick-6.0.7.1-12\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"ImageMagick-c++-6.0.7.1-12\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"ImageMagick-c++-devel-6.0.7.1-12\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"ImageMagick-devel-6.0.7.1-12\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"ImageMagick-perl-6.0.7.1-12\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick / ImageMagick-c++ / ImageMagick-c++-devel / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:51:27", "description": "A heap-based buffer overflow was found in the way that ImageMagick\nparses PNM files. If an attacker can trick a victim into opening a\nspecially crafted PNM file, the attacker could execute arbitrary code\non the victim's machine (CVE-2005-1275).\n\nAs well, a Denial of Service vulnerability was found in the way that\nImageMagick parses XWD files. If a user or program executed\nImageMagick to process a malicious XWD file, ImageMagick will enter\ninfo an infinite loop causing a DoS (CVE-2005-1739).\n\nThe updated packages have been patched to fix these issues.", "edition": 25, "published": "2005-06-28T00:00:00", "title": "Mandrake Linux Security Advisory : ImageMagick (MDKSA-2005:107)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1275", "CVE-2005-1739"], "modified": "2005-06-28T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libMagick8.0.2", "p-cpe:/a:mandriva:linux:perl-Image-Magick", "p-cpe:/a:mandriva:linux:libMagick6.4.0-devel", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "p-cpe:/a:mandriva:linux:ImageMagick-doc", "p-cpe:/a:mandriva:linux:ImageMagick", "p-cpe:/a:mandriva:linux:lib64Magick6.4.0", "p-cpe:/a:mandriva:linux:lib64Magick8.0.2-devel", "p-cpe:/a:mandriva:linux:libMagick8.0.2-devel", "p-cpe:/a:mandriva:linux:perl-Magick", "x-cpe:/o:mandrakesoft:mandrake_linux:le2005", "p-cpe:/a:mandriva:linux:lib64Magick8.0.2", "p-cpe:/a:mandriva:linux:lib64Magick6.4.0-devel", "p-cpe:/a:mandriva:linux:libMagick6.4.0"], "id": "MANDRAKE_MDKSA-2005-107.NASL", "href": "https://www.tenable.com/plugins/nessus/18584", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2005:107. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18584);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-1275\", \"CVE-2005-1739\");\n script_xref(name:\"MDKSA\", value:\"2005:107\");\n\n script_name(english:\"Mandrake Linux Security Advisory : ImageMagick (MDKSA-2005:107)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow was found in the way that ImageMagick\nparses PNM files. If an attacker can trick a victim into opening a\nspecially crafted PNM file, the attacker could execute arbitrary code\non the victim's machine (CVE-2005-1275).\n\nAs well, a Denial of Service vulnerability was found in the way that\nImageMagick parses XWD files. If a user or program executed\nImageMagick to process a malicious XWD file, ImageMagick will enter\ninfo an infinite loop causing a DoS (CVE-2005-1739).\n\nThe updated packages have been patched to fix these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ImageMagick-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64Magick6.4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64Magick6.4.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64Magick8.0.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64Magick8.0.2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libMagick6.4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libMagick6.4.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libMagick8.0.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libMagick8.0.2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-Image-Magick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-Magick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:mandrakesoft:mandrake_linux:le2005\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/06/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.1\", reference:\"ImageMagick-6.0.4.4-5.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"ImageMagick-doc-6.0.4.4-5.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64Magick6.4.0-6.0.4.4-5.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64Magick6.4.0-devel-6.0.4.4-5.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libMagick6.4.0-6.0.4.4-5.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libMagick6.4.0-devel-6.0.4.4-5.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"perl-Magick-6.0.4.4-5.3.101mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.2\", reference:\"ImageMagick-6.2.0.3-8.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"ImageMagick-doc-6.2.0.3-8.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64Magick8.0.2-6.2.0.3-8.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64Magick8.0.2-devel-6.2.0.3-8.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libMagick8.0.2-6.2.0.3-8.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libMagick8.0.2-devel-6.2.0.3-8.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"perl-Image-Magick-6.2.0.3-8.1.102mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:46:50", "bulletinFamily": "unix", "cvelist": ["CVE-2005-1739"], "description": "ImageMagick(TM) is an image display and manipulation tool for the X Window\r\nSystem that can read and write multiple image formats.\r\n\r\nA denial of service bug was found in the way ImageMagick parses XWD files.\r\nA user or program executing ImageMagick to process a malicious XWD file can\r\ncause ImageMagick to enter an infinite loop causing a denial of service\r\ncondition. The Common Vulnerabilities and Exposures project (cve.mitre.org)\r\nhas assigned the name CAN-2005-1739 to this issue.\r\n\r\nUsers of ImageMagick should upgrade to these updated packages, which\r\ncontain a backported patch, and are not vulnerable to this issue.", "modified": "2018-03-14T19:27:14", "published": "2005-06-02T04:00:00", "id": "RHSA-2005:480", "href": "https://access.redhat.com/errata/RHSA-2005:480", "type": "redhat", "title": "(RHSA-2005:480) ImageMagick security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-09T17:36:42", "bulletinFamily": "unix", "cvelist": ["CVE-2005-1275", "CVE-2005-1739"], "description": "Damian Put discovered a buffer overflow in the PNM image decoder. \nProcessing a specially crafted PNM file with a small \"colors\" value \nresulted in a crash of the application that used the ImageMagick \nlibrary. (CAN-2005-1275)\n\nAnother Denial of Service vulnerability was found in the XWD decoder. \nSpecially crafted invalid color masks resulted in an infinite loop \nwhich caused the application using the ImageMagick library to stop \nworking and use all available CPU resources. \n(<http://bugs.gentoo.org/show_bug.cgi?id=90423>)", "edition": 15, "modified": "2005-05-23T00:00:00", "published": "2005-05-23T00:00:00", "id": "USN-132-1", "href": "https://ubuntu.com/security/notices/USN-132-1", "title": "ImageMagick vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}