Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2006-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2006-024.NASL
HistoryJan 29, 2006 - 12:00 a.m.

Mandrake Linux Security Advisory : ImageMagick (MDKSA-2006:024)

2006-01-2900:00:00
This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.
www.tenable.com
16
JSON

The delegate code in ImageMagick 6.2.4.x allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command. (CVE-2005-4601)

A format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3, and other versions, allows user-complicit attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program. (CVE-2006-0082)

The updated packages have been patched to correct these issues.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandrake Linux Security Advisory MDKSA-2006:024. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(20818);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2005-4601", "CVE-2006-0082", "CVE-2006-2440");
  script_bugtraq_id(12717, 16093);
  script_xref(name:"MDKSA", value:"2006:024");

  script_name(english:"Mandrake Linux Security Advisory : ImageMagick (MDKSA-2006:024)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandrake Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The delegate code in ImageMagick 6.2.4.x allows remote attackers to
execute arbitrary commands via shell metacharacters in a filename that
is processed by the display command. (CVE-2005-4601)

A format string vulnerability in the SetImageInfo function in image.c
for ImageMagick 6.2.3, and other versions, allows user-complicit
attackers to cause a denial of service (crash) and possibly execute
arbitrary code via a numeric format string specifier such as %d in the
file name, a variant of CVE-2005-0397, and as demonstrated using the
convert program. (CVE-2006-0082)

The updated packages have been patched to correct these issues."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ImageMagick");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ImageMagick-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64Magick8.4.2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64Magick8.4.2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libMagick8.4.2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libMagick8.4.2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl-Image-Magick");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006");

  script_set_attribute(attribute:"patch_publication_date", value:"2006/01/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/29");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2006.0", reference:"ImageMagick-6.2.4.3-1.1.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", reference:"ImageMagick-doc-6.2.4.3-1.1.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", cpu:"x86_64", reference:"lib64Magick8.4.2-6.2.4.3-1.1.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", cpu:"x86_64", reference:"lib64Magick8.4.2-devel-6.2.4.3-1.1.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", cpu:"i386", reference:"libMagick8.4.2-6.2.4.3-1.1.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", cpu:"i386", reference:"libMagick8.4.2-devel-6.2.4.3-1.1.20060mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK2006.0", reference:"perl-Image-Magick-6.2.4.3-1.1.20060mdk", yank:"mdk")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuximagemagickp-cpe:/a:mandriva:linux:imagemagick
mandrivalinuximagemagick-docp-cpe:/a:mandriva:linux:imagemagick-doc
mandrivalinuxlib64magick8.4.2p-cpe:/a:mandriva:linux:lib64magick8.4.2
mandrivalinuxlib64magick8.4.2-develp-cpe:/a:mandriva:linux:lib64magick8.4.2-devel
mandrivalinuxlibmagick8.4.2p-cpe:/a:mandriva:linux:libmagick8.4.2
mandrivalinuxlibmagick8.4.2-develp-cpe:/a:mandriva:linux:libmagick8.4.2-devel
mandrivalinuxperl-image-magickp-cpe:/a:mandriva:linux:perl-image-magick
mandrivalinux2006cpe:/o:mandriva:linux:2006

Related

openvas 31
nessus 23
centos 6
cvelist 4
ubuntucve 4
prion 2
redhat 4
ubuntu 2
debiancve 4
cve 4
slackware 1
debian 8
fedora 1
freebsd 1
gentoo 3
oraclelinux 1
osv 3
suse 1
openvas
openvas
Solaris Update for ImageMagick 137038-01
2009-06-03 00:00:00
Solaris Update for ImageMagick 137039-01
2009-06-03 00:00:00
Solaris Update for ImageMagick 136882-02
2009-06-03 00:00:00
nessus
nessus
CentOS 3 / 4 : ImageMagick (CESA-2006:0178)
2006-07-03 00:00:00
RHEL 2.1 / 3 / 4 : ImageMagick (RHSA-2006:0178)
2006-02-15 00:00:00
Ubuntu 4.10 / 5.04 / 5.10 : imagemagick vulnerabilities (USN-246-1)
2006-03-13 00:00:00
centos
centos
ImageMagick security update
2006-02-16 01:17:06
ImageMagick security update
2006-02-14 17:05:06
ImageMagick security update
2006-02-14 17:10:14
cvelist
cvelist
CVE-2006-0082
2006-01-04 23:00:00
CVE-2005-4601
2006-01-01 23:00:00
CVE-2005-0397
2005-03-07 05:00:00
ubuntucve
ubuntucve
CVE-2006-0082
2006-01-04 00:00:00
CVE-2005-4601
2005-12-31 00:00:00
CVE-2005-0397
2005-05-02 00:00:00
prion
prion
Format string
2006-01-04 23:03:00
Heap overflow
2006-05-18 10:02:00
redhat
redhat
(RHSA-2006:0178) ImageMagick security update
2006-02-14 00:00:00
(RHSA-2005:320) ImageMagick security update
2005-03-23 00:00:00
(RHSA-2007:0015) Moderate: ImageMagick security update
2007-02-15 00:00:00
ubuntu
ubuntu
imagemagick vulnerabilities
2006-01-25 00:00:00
Imagemagick vulnerability
2005-03-03 00:00:00
debiancve
debiancve
CVE-2006-0082
2006-01-04 23:03:00
CVE-2005-4601
2005-12-31 05:00:00
CVE-2005-0397
2005-05-02 04:00:00
cve
cve
CVE-2006-0082
2006-01-04 23:03:00
CVE-2005-0397
2005-05-02 04:00:00
CVE-2005-4601
2005-12-31 05:00:00
slackware
slackware
[slackware-security] imagemagick
2006-02-15 00:26:55
debian
debian
[SECURITY] [DSA 957-1] New ImageMagick packages fix arbitrary command execution
2006-01-26 00:00:00
[SECURITY] [DSA 957-2] New ImageMagick packages fix arbitrary command execution
2006-01-31 00:00:00
[SECURITY] [DSA 957-1] New ImageMagick packages fix arbitrary command execution
2006-01-26 18:28:00
fedora
fedora
[SECURITY] Fedora 7 Update: GraphicsMagick-1.1.8-2.fc7
2007-07-30 17:04:58
freebsd
freebsd
ImageMagick -- format string vulnerability
2005-03-02 00:00:00
gentoo
gentoo
ImageMagick: Filename handling vulnerability
2005-03-06 00:00:00
ImageMagick: Format string vulnerability
2006-02-13 00:00:00
GraphicsMagick: Format string vulnerability
2006-02-26 00:00:00
oraclelinux
oraclelinux
Moderate: ImageMagick security update
2007-02-15 00:00:00
osv
osv
imagemagick
2006-09-04 00:00:00
imagemagick - several
2005-04-01 00:00:00
imagemagick
2006-11-19 00:00:00
suse
suse
remote code execution in ImageMagick
2005-03-23 15:05:35
JSON
Related for MANDRAKE_MDKSA-2006-024.NASL
openvas31nessus23centos6cvelist4ubuntucve4prion2redhat4ubuntu2debiancve4cve4slackware1debian8fedora1freebsd1gentoo3oraclelinux1osv3suse1