GLSA-200705-13 : ImageMagick: Multiple buffer overflows

2007-05-11T00:00:00
ID GENTOO_GLSA-200705-13.NASL
Type nessus
Reporter Tenable
Modified 2018-08-10T00:00:00

Description

The remote host is affected by the vulnerability described in GLSA-200705-13 (ImageMagick: Multiple buffer overflows)

iDefense Labs has discovered multiple integer overflows in ImageMagick     in the functions ReadDCMImage() and ReadXWDImage(), that are used to     process DCM and XWD files.

Impact :

An attacker could entice a user to open specially crafted XWD or DCM     file, resulting in heap-based buffer overflows and possibly the     execution of arbitrary code with the privileges of the user running     ImageMagick. Note that this user may be httpd or any other account used     by applications relying on the ImageMagick tools to automatically     process images.

Workaround :

There is no known workaround at this time.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200705-13.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(25209);
  script_version("1.12");
  script_cvs_date("Date: 2018/08/10 18:07:06");

  script_cve_id("CVE-2007-1797");
  script_xref(name:"GLSA", value:"200705-13");

  script_name(english:"GLSA-200705-13 : ImageMagick: Multiple buffer overflows");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200705-13
(ImageMagick: Multiple buffer overflows)

    iDefense Labs has discovered multiple integer overflows in ImageMagick
    in the functions ReadDCMImage() and ReadXWDImage(), that are used to
    process DCM and XWD files.
  
Impact :

    An attacker could entice a user to open specially crafted XWD or DCM
    file, resulting in heap-based buffer overflows and possibly the
    execution of arbitrary code with the privileges of the user running
    ImageMagick. Note that this user may be httpd or any other account used
    by applications relying on the ImageMagick tools to automatically
    process images.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200705-13"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All ImageMagick users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=media-gfx/imagemagick-6.3.3'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_cwe_id(189);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:imagemagick");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/05/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/05/11");
  script_set_attribute(attribute:"vuln_publication_date", value:"2007/03/31");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"media-gfx/imagemagick", unaffected:make_list("ge 6.3.3"), vulnerable:make_list("lt 6.3.3"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ImageMagick");
}