Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2005-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2005-065.NASL
HistoryApr 02, 2005 - 12:00 a.m.

Mandrake Linux Security Advisory : ImageMagick (MDKSA-2005:065)

2005-04-0200:00:00
This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.
www.tenable.com
10
JSON

A format string vulnerability was discovered in ImageMagick, in the way it handles filenames. An attacker could execute arbitrary code on a victim’s machine provided they could trick them into opening a file with a special name (CVE-2005-0397).

As well, Andrei Nigmatulin discovered a heap-based buffer overflow in ImageMagick’s image handler. An attacker could create a special PhotoShop Document (PSD) image file in such a way that it would cause ImageMagick to execute arbitrary code when processing the image (CVE-2005-0005).

Other vulnerabilities were discovered in ImageMagick versions prior to 6.0 :

A bug in the way that ImageMagick handles TIFF tags was discovered. It was possible that a TIFF image with an invalid tag could cause ImageMagick to crash (CVE-2005-0759).

A bug in ImageMagick’s TIFF decoder was discovered where a specially- crafted TIFF image could cause ImageMagick to crash (CVE-2005-0760).

A bug in ImageMagick’s PSD parsing was discovered where a specially- crafted PSD file could cause ImageMagick to crash (CVE-2005-0761).

Finally, a heap overflow bug was discovered in ImageMagick’s SGI parser. If an attacker could trick a user into opening a specially- crafted SGI image file, ImageMagick would execute arbitrary code (CVE-2005-0762).

The updated packages have been patched to correct these issues.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandrake Linux Security Advisory MDKSA-2005:065. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(17677);
  script_version("1.21");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2005-0005", "CVE-2005-0397", "CVE-2005-0759", "CVE-2005-0760", "CVE-2005-0761", "CVE-2005-0762");
  script_xref(name:"MDKSA", value:"2005:065");

  script_name(english:"Mandrake Linux Security Advisory : ImageMagick (MDKSA-2005:065)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandrake Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A format string vulnerability was discovered in ImageMagick, in the
way it handles filenames. An attacker could execute arbitrary code on
a victim's machine provided they could trick them into opening a file
with a special name (CVE-2005-0397).

As well, Andrei Nigmatulin discovered a heap-based buffer overflow in
ImageMagick's image handler. An attacker could create a special
PhotoShop Document (PSD) image file in such a way that it would cause
ImageMagick to execute arbitrary code when processing the image
(CVE-2005-0005).

Other vulnerabilities were discovered in ImageMagick versions prior to
6.0 :

A bug in the way that ImageMagick handles TIFF tags was discovered. It
was possible that a TIFF image with an invalid tag could cause
ImageMagick to crash (CVE-2005-0759).

A bug in ImageMagick's TIFF decoder was discovered where a specially-
crafted TIFF image could cause ImageMagick to crash (CVE-2005-0760).

A bug in ImageMagick's PSD parsing was discovered where a specially-
crafted PSD file could cause ImageMagick to crash (CVE-2005-0761).

Finally, a heap overflow bug was discovered in ImageMagick's SGI
parser. If an attacker could trick a user into opening a specially-
crafted SGI image file, ImageMagick would execute arbitrary code
(CVE-2005-0762).

The updated packages have been patched to correct these issues."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ImageMagick");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ImageMagick-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64Magick5.5.7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64Magick5.5.7-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64Magick6.4.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64Magick6.4.0-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libMagick5.5.7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libMagick5.5.7-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libMagick6.4.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libMagick6.4.0-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl-Magick");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2005/04/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2005/04/02");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK10.0", reference:"ImageMagick-5.5.7.15-6.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"ImageMagick-doc-5.5.7.15-6.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64Magick5.5.7-5.5.7.15-6.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64Magick5.5.7-devel-5.5.7.15-6.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libMagick5.5.7-5.5.7.15-6.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libMagick5.5.7-devel-5.5.7.15-6.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"perl-Magick-5.5.7.15-6.3.100mdk", yank:"mdk")) flag++;

if (rpm_check(release:"MDK10.1", reference:"ImageMagick-6.0.4.4-5.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"ImageMagick-doc-6.0.4.4-5.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64Magick6.4.0-6.0.4.4-5.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64Magick6.4.0-devel-6.0.4.4-5.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"libMagick6.4.0-6.0.4.4-5.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"libMagick6.4.0-devel-6.0.4.4-5.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"perl-Magick-6.0.4.4-5.2.101mdk", yank:"mdk")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuximagemagickp-cpe:/a:mandriva:linux:imagemagick
mandrivalinuximagemagick-docp-cpe:/a:mandriva:linux:imagemagick-doc
mandrivalinuxlib64magick5.5.7p-cpe:/a:mandriva:linux:lib64magick5.5.7
mandrivalinuxlib64magick5.5.7-develp-cpe:/a:mandriva:linux:lib64magick5.5.7-devel
mandrivalinuxlib64magick6.4.0p-cpe:/a:mandriva:linux:lib64magick6.4.0
mandrivalinuxlib64magick6.4.0-develp-cpe:/a:mandriva:linux:lib64magick6.4.0-devel
mandrivalinuxlibmagick5.5.7p-cpe:/a:mandriva:linux:libmagick5.5.7
mandrivalinuxlibmagick5.5.7-develp-cpe:/a:mandriva:linux:libmagick5.5.7-devel
mandrivalinuxlibmagick6.4.0p-cpe:/a:mandriva:linux:libmagick6.4.0
mandrivalinuxlibmagick6.4.0-develp-cpe:/a:mandriva:linux:libmagick6.4.0-devel
Rows per page:
1-10 of 131

Related

nessus 16
redhat 3
suse 1
debian 4
openvas 16
osv 2
ubuntucve 7
freebsd 2
cve 7
ubuntu 2
gentoo 3
debiancve 7
securityvulns 1
prion 1
nessus
nessus
RHEL 2.1 / 3 : ImageMagick (RHSA-2005:070)
2005-03-25 00:00:00
SUSE-SA:2005:017: ImageMagick
2005-03-24 00:00:00
Debian DSA-702-1 : imagemagick - several vulnerabilities
2005-04-02 00:00:00
redhat
redhat
(RHSA-2005:070) ImageMagick security update
2005-03-23 00:00:00
(RHSA-2005:071) ImageMagick security update
2005-02-15 00:00:00
(RHSA-2005:320) ImageMagick security update
2005-03-23 00:00:00
suse
suse
remote code execution in ImageMagick
2005-03-23 15:05:35
debian
debian
[SECURITY] [DSA 702-1] New ImageMagick packages fix several vulnerabilities
2005-04-01 14:26:54
[SECURITY] [DSA 702-1] New ImageMagick packages fix several vulnerabilities
2005-04-01 14:26:54
[SECURITY] [DSA 646-1] New ImageMagick packages fix arbitrary code execution
2005-01-19 10:27:12
openvas
openvas
Debian: Security Advisory (DSA-702-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 702-1 (imagemagick)
2008-01-17 00:00:00
FreeBSD Ports: ImageMagick
2008-09-04 00:00:00
osv
osv
imagemagick - several
2005-04-01 00:00:00
imagemagick - buffer overflow
2005-01-19 00:00:00
ubuntucve
ubuntucve
CVE-2005-0759
2005-03-23 00:00:00
CVE-2005-0397
2005-05-02 00:00:00
CVE-2005-0761
2005-03-23 00:00:00
freebsd
freebsd
ImageMagick -- format string vulnerability
2005-03-02 00:00:00
ImageMagick -- PSD handler heap overflow vulnerability
2004-12-21 00:00:00
cve
cve
CVE-2005-0397
2005-05-02 04:00:00
CVE-2005-0760
2005-05-02 04:00:00
CVE-2005-0761
2005-03-23 05:00:00
ubuntu
ubuntu
Imagemagick vulnerability
2005-03-03 00:00:00
imagemagick vulnerability
2005-01-19 00:00:00
gentoo
gentoo
ImageMagick: Filename handling vulnerability
2005-03-06 00:00:00
ImageMagick: PSD decoding heap overflow
2005-01-20 00:00:00
GraphicsMagick: PSD decoding heap overflow
2005-01-26 00:00:00
debiancve
debiancve
CVE-2005-0005
2005-05-02 04:00:00
CVE-2005-0397
2005-05-02 04:00:00
CVE-2005-0761
2005-03-23 05:00:00
securityvulns
securityvulns
[Full-Disclosure] iDEFENSE Security Advisory 01.17.05: Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability
2005-01-18 00:00:00
prion
prion
Format string
2006-01-04 23:03:00
JSON
Related for MANDRAKE_MDKSA-2005-065.NASL
nessus16redhat3suse1debian4openvas16osv2ubuntucve7freebsd2cve7ubuntu2gentoo3debiancve7securityvulns1prion1