CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
89.8%
This update for ImageMagick fixes the following issues :
CVE-2017-9405: A memory leak in the ReadICONImage function was fixed that could lead to DoS via memory exhaustion (bsc#1042911)
CVE-2017-9407: In ImageMagick, the ReadPALMImage function in palm.c allowed attackers to cause a denial of service (memory leak) via a crafted file.
(bsc#1042824)
CVE-2017-11166: In ReadXWDImage in coders\xwd.c a memoryleak could have caused memory exhaustion via a crafted length (bsc#1048110)
CVE-2017-11170: ReadTGAImage in coders\tga.c allowed for memory exhaustion via invalid colors data in the header of a TGA or VST file (bsc#1048272)
CVE-2017-11448: The ReadJPEGImage function in coders/jpeg.c in ImageMagick allowed remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. (bsc#1049375)
CVE-2017-11450: A remote denial of service in coders/jpeg.c was fixed (bsc#1049374)
CVE-2017-11528: ReadDIBImage in coders/dib.c allows remote attackers to cause DoS via memory exhaustion (bsc#1050119)
CVE-2017-11530: ReadEPTImage in coders/ept.c allows remote attackers to cause DoS via memory exhaustion (bsc#1050122)
CVE-2017-11531: When ImageMagick processed a crafted file in convert, it could lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c.
(bsc#1050126)
CVE-2017-11533: A information leak by 1 byte due to heap-based buffer over-read in the WriteUILImage() in coders/uil.c was fixed (bsc#1050132)
CVE-2017-11537: When ImageMagick processed a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation. (bsc#1050048)
CVE-2017-11638, CVE-2017-11642: A NULL pointer dereference in theWriteMAPImage() in coders/map.c was fixed which could lead to a crash (bsc#1050617)
CVE-2017-12418: ImageMagick had memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. (bsc#1052207)
CVE-2017-12427: ProcessMSLScript coders/msl.c allowed remote attackers to cause a DoS (bsc#1052248)
CVE-2017-12429: A memory exhaustion flaw in ReadMIFFImage in coders/miff.c was fixed, which allowed attackers to cause DoS (bsc#1052251)
CVE-2017-12432: In ImageMagick, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allowed attackers to cause a denial of service. (bsc#1052254)
CVE-2017-12566: A memory leak in ReadMVGImage in coders/mvg.c, could have allowed attackers to cause DoS (bsc#1052472)
CVE-2017-12654: The ReadPICTImage function in coders/pict.c in ImageMagick allowed attackers to cause a denial of service (memory leak) via a crafted file.
(bsc#1052761)
CVE-2017-12663: A memory leak in WriteMAPImage in coders/map.c was fixed that could lead to a DoS via memory exhaustion (bsc#1052754)
CVE-2017-12664: ImageMagick had a memory leak vulnerability in WritePALMImage in coders/palm.c.
(bsc#1052750)
CVE-2017-12665: ImageMagick had a memory leak vulnerability in WritePICTImage in coders/pict.c.
(bsc#1052747)
CVE-2017-12668: ImageMagick had a memory leak vulnerability in WritePCXImage in coders/pcx.c.
(bsc#1052688)
CVE-2017-12674: A CPU exhaustion in ReadPDBImage in coders/pdb.c was fixed, which allowed attackers to cause DoS (bsc#1052711)
CVE-2017-13058: In ImageMagick, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allowed attackers to cause a denial of service via a crafted file. (bsc#1055069)
CVE-2017-13131: A memory leak vulnerability was found in thefunction ReadMIFFImage in coders/miff.c, which allowed attackers tocause a denial of service (memory consumption in NewL (bsc#1055229)
CVE-2017-14060: A NULL pointer Dereference issue in the ReadCUTImage function in coders/cut.c was fixed that could have caused a Denial of Service (bsc#1056768)
CVE-2017-14139: A memory leak vulnerability in WriteMSLImage in coders/msl.c was fixed. (bsc#1057163)
CVE-2017-14224: A heap-based buffer overflow in WritePCXImage in coders/pcx.c could lead to denial of service or code execution. (bsc#1058009)
CVE-2017-17682: A large loop vulnerability was fixed in ExtractPostscript in coders/wpg.c, which allowed attackers to cause a denial of service (CPU exhaustion) (bsc#1072898)
CVE-2017-17885: In ImageMagick, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allowed attackers to cause a denial of service via a crafted PICT image file. (bsc#1074119)
CVE-2017-17934: A memory leak in the function MSLPopImage and ProcessMSLScript could have lead to a denial of service (bsc#1074170)
CVE-2017-18028: A memory exhaustion in the function ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182)
CVE-2018-5357: ImageMagick had memory leaks in the ReadDCMImage function in coders/dcm.c. (bsc#1075821)
CVE-2018-6405: In the ReadDCMImage function in coders/dcm.c in ImageMagick, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer.
The previous pointer is lost, which leads to a memory leak. This allowed remote attackers to cause a denial of service. (bsc#1078433)
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2018:0581-1.
# The text itself is copyright (C) SUSE.
#
include("compat.inc");
if (description)
{
script_id(107116);
script_version("3.4");
script_cvs_date("Date: 2019/09/10 13:51:47");
script_cve_id("CVE-2017-11166", "CVE-2017-11170", "CVE-2017-11448", "CVE-2017-11450", "CVE-2017-11528", "CVE-2017-11530", "CVE-2017-11531", "CVE-2017-11533", "CVE-2017-11537", "CVE-2017-11638", "CVE-2017-11642", "CVE-2017-12418", "CVE-2017-12427", "CVE-2017-12429", "CVE-2017-12432", "CVE-2017-12566", "CVE-2017-12654", "CVE-2017-12663", "CVE-2017-12664", "CVE-2017-12665", "CVE-2017-12668", "CVE-2017-12674", "CVE-2017-13058", "CVE-2017-13131", "CVE-2017-14060", "CVE-2017-14139", "CVE-2017-14224", "CVE-2017-17682", "CVE-2017-17885", "CVE-2017-17934", "CVE-2017-18028", "CVE-2017-9405", "CVE-2017-9407", "CVE-2018-5357", "CVE-2018-6405");
script_name(english:"SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:0581-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"This update for ImageMagick fixes the following issues :
- CVE-2017-9405: A memory leak in the ReadICONImage
function was fixed that could lead to DoS via memory
exhaustion (bsc#1042911)
- CVE-2017-9407: In ImageMagick, the ReadPALMImage
function in palm.c allowed attackers to cause a denial
of service (memory leak) via a crafted file.
(bsc#1042824)
- CVE-2017-11166: In ReadXWDImage in coders\xwd.c a
memoryleak could have caused memory exhaustion via a
crafted length (bsc#1048110)
- CVE-2017-11170: ReadTGAImage in coders\tga.c allowed for
memory exhaustion via invalid colors data in the header
of a TGA or VST file (bsc#1048272)
- CVE-2017-11448: The ReadJPEGImage function in
coders/jpeg.c in ImageMagick allowed remote attackers to
obtain sensitive information from uninitialized memory
locations via a crafted file. (bsc#1049375)
- CVE-2017-11450: A remote denial of service in
coders/jpeg.c was fixed (bsc#1049374)
- CVE-2017-11528: ReadDIBImage in coders/dib.c allows
remote attackers to cause DoS via memory exhaustion
(bsc#1050119)
- CVE-2017-11530: ReadEPTImage in coders/ept.c allows
remote attackers to cause DoS via memory exhaustion
(bsc#1050122)
- CVE-2017-11531: When ImageMagick processed a crafted
file in convert, it could lead to a Memory Leak in the
WriteHISTOGRAMImage() function in coders/histogram.c.
(bsc#1050126)
- CVE-2017-11533: A information leak by 1 byte due to
heap-based buffer over-read in the WriteUILImage() in
coders/uil.c was fixed (bsc#1050132)
- CVE-2017-11537: When ImageMagick processed a crafted
file in convert, it can lead to a Floating Point
Exception (FPE) in the WritePALMImage() function in
coders/palm.c, related to an incorrect bits-per-pixel
calculation. (bsc#1050048)
- CVE-2017-11638, CVE-2017-11642: A NULL pointer
dereference in theWriteMAPImage() in coders/map.c was
fixed which could lead to a crash (bsc#1050617)
- CVE-2017-12418: ImageMagick had memory leaks in the
parse8BIMW and format8BIM functions in coders/meta.c,
related to the WriteImage function in
MagickCore/constitute.c. (bsc#1052207)
- CVE-2017-12427: ProcessMSLScript coders/msl.c allowed
remote attackers to cause a DoS (bsc#1052248)
- CVE-2017-12429: A memory exhaustion flaw in
ReadMIFFImage in coders/miff.c was fixed, which allowed
attackers to cause DoS (bsc#1052251)
- CVE-2017-12432: In ImageMagick, a memory exhaustion
vulnerability was found in the function ReadPCXImage in
coders/pcx.c, which allowed attackers to cause a denial
of service. (bsc#1052254)
- CVE-2017-12566: A memory leak in ReadMVGImage in
coders/mvg.c, could have allowed attackers to cause DoS
(bsc#1052472)
- CVE-2017-12654: The ReadPICTImage function in
coders/pict.c in ImageMagick allowed attackers to cause
a denial of service (memory leak) via a crafted file.
(bsc#1052761)
- CVE-2017-12663: A memory leak in WriteMAPImage in
coders/map.c was fixed that could lead to a DoS via
memory exhaustion (bsc#1052754)
- CVE-2017-12664: ImageMagick had a memory leak
vulnerability in WritePALMImage in coders/palm.c.
(bsc#1052750)
- CVE-2017-12665: ImageMagick had a memory leak
vulnerability in WritePICTImage in coders/pict.c.
(bsc#1052747)
- CVE-2017-12668: ImageMagick had a memory leak
vulnerability in WritePCXImage in coders/pcx.c.
(bsc#1052688)
- CVE-2017-12674: A CPU exhaustion in ReadPDBImage in
coders/pdb.c was fixed, which allowed attackers to cause
DoS (bsc#1052711)
- CVE-2017-13058: In ImageMagick, a memory leak
vulnerability was found in the function WritePCXImage in
coders/pcx.c, which allowed attackers to cause a denial
of service via a crafted file. (bsc#1055069)
- CVE-2017-13131: A memory leak vulnerability was found in
thefunction ReadMIFFImage in coders/miff.c, which
allowed attackers tocause a denial of service (memory
consumption in NewL (bsc#1055229)
- CVE-2017-14060: A NULL pointer Dereference issue in the
ReadCUTImage function in coders/cut.c was fixed that
could have caused a Denial of Service (bsc#1056768)
- CVE-2017-14139: A memory leak vulnerability in
WriteMSLImage in coders/msl.c was fixed. (bsc#1057163)
- CVE-2017-14224: A heap-based buffer overflow in
WritePCXImage in coders/pcx.c could lead to denial of
service or code execution. (bsc#1058009)
- CVE-2017-17682: A large loop vulnerability was fixed in
ExtractPostscript in coders/wpg.c, which allowed
attackers to cause a denial of service (CPU exhaustion)
(bsc#1072898)
- CVE-2017-17885: In ImageMagick, a memory leak
vulnerability was found in the function ReadPICTImage in
coders/pict.c, which allowed attackers to cause a denial
of service via a crafted PICT image file. (bsc#1074119)
- CVE-2017-17934: A memory leak in the function
MSLPopImage and ProcessMSLScript could have lead to a
denial of service (bsc#1074170)
- CVE-2017-18028: A memory exhaustion in the function
ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182)
- CVE-2018-5357: ImageMagick had memory leaks in the
ReadDCMImage function in coders/dcm.c. (bsc#1075821)
- CVE-2018-6405: In the ReadDCMImage function in
coders/dcm.c in ImageMagick, each redmap, greenmap, and
bluemap variable can be overwritten by a new pointer.
The previous pointer is lost, which leads to a memory
leak. This allowed remote attackers to cause a denial of
service. (bsc#1078433)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1042824"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1042911"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1048110"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1048272"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1049374"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1049375"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1050048"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1050119"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1050122"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1050126"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1050132"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1050617"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1052207"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1052248"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1052251"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1052254"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1052472"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1052688"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1052711"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1052747"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1052750"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1052754"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1052761"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1055069"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1055229"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1056768"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1057163"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1058009"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1072898"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1074119"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1074170"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1075821"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1076182"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1078433"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-11166/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-11170/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-11448/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-11450/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-11528/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-11530/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-11531/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-11533/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-11537/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-11638/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-11642/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-12418/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-12427/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-12429/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-12432/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-12566/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-12654/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-12663/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-12664/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-12665/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-12668/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-12674/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-13058/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-13131/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14060/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14139/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14224/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-17682/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-17885/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-17934/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-18028/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-9405/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-9407/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-5357/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-6405/"
);
# https://www.suse.com/support/update/announcement/2018/suse-su-20180581-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?f1802ee9"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch
SUSE-SLE-WE-12-SP3-2018-391=1
SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch
SUSE-SLE-WE-12-SP2-2018-391=1
SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t
patch SUSE-SLE-SDK-12-SP3-2018-391=1
SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t
patch SUSE-SLE-SDK-12-SP2-2018-391=1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t
patch SUSE-SLE-RPI-12-SP2-2018-391=1
SUSE Linux Enterprise Server 12-SP3:zypper in -t patch
SUSE-SLE-SERVER-12-SP3-2018-391=1
SUSE Linux Enterprise Server 12-SP2:zypper in -t patch
SUSE-SLE-SERVER-12-SP2-2018-391=1
SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP3-2018-391=1
SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP2-2018-391=1
To bring your system up-to-date, use 'zypper patch'."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ImageMagick");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ImageMagick-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16-3-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/06/02");
script_set_attribute(attribute:"patch_publication_date", value:"2018/03/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/02");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP2/3", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP2/3", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"3", reference:"ImageMagick-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"ImageMagick-debugsource-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libMagickCore-6_Q16-1-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libMagickWand-6_Q16-1-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"ImageMagick-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"ImageMagick-debugsource-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libMagickCore-6_Q16-1-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libMagickWand-6_Q16-1-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"ImageMagick-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"ImageMagick-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"ImageMagick-debugsource-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libMagick++-6_Q16-3-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libMagickCore-6_Q16-1-32bit-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libMagickCore-6_Q16-1-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libMagickWand-6_Q16-1-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"ImageMagick-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"ImageMagick-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"ImageMagick-debugsource-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libMagick++-6_Q16-3-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libMagickCore-6_Q16-1-32bit-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libMagickCore-6_Q16-1-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libMagickWand-6_Q16-1-6.8.8.1-71.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.42.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ImageMagick");
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | imagemagick | p-cpe:/a:novell:suse_linux:imagemagick |
novell | suse_linux | imagemagick-debuginfo | p-cpe:/a:novell:suse_linux:imagemagick-debuginfo |
novell | suse_linux | imagemagick-debugsource | p-cpe:/a:novell:suse_linux:imagemagick-debugsource |
novell | suse_linux | libmagick%2b%2b-6_q16 | p-cpe:/a:novell:suse_linux:libmagick%2b%2b-6_q16 |
novell | suse_linux | libmagick%2b%2b-6_q16-3-debuginfo | p-cpe:/a:novell:suse_linux:libmagick%2b%2b-6_q16-3-debuginfo |
novell | suse_linux | libmagickcore-6_q16 | p-cpe:/a:novell:suse_linux:libmagickcore-6_q16 |
novell | suse_linux | libmagickcore-6_q16-1 | p-cpe:/a:novell:suse_linux:libmagickcore-6_q16-1 |
novell | suse_linux | libmagickcore-6_q16-1-debuginfo | p-cpe:/a:novell:suse_linux:libmagickcore-6_q16-1-debuginfo |
novell | suse_linux | libmagickwand-6_q16 | p-cpe:/a:novell:suse_linux:libmagickwand-6_q16 |
novell | suse_linux | libmagickwand-6_q16-1-debuginfo | p-cpe:/a:novell:suse_linux:libmagickwand-6_q16-1-debuginfo |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11166
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11170
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11448
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11450
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11528
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11530
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11531
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11533
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11537
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11638
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11642
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12418
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12427
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12429
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12432
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12566
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12654
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12663
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12664
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12665
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12668
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12674
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13058
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13131
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14060
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14139
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14224
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17682
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17885
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17934
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18028
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9405
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9407
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5357
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6405
www.nessus.org/u?f1802ee9
bugzilla.suse.com/show_bug.cgi?id=1042824
bugzilla.suse.com/show_bug.cgi?id=1042911
bugzilla.suse.com/show_bug.cgi?id=1048110
bugzilla.suse.com/show_bug.cgi?id=1048272
bugzilla.suse.com/show_bug.cgi?id=1049374
bugzilla.suse.com/show_bug.cgi?id=1049375
bugzilla.suse.com/show_bug.cgi?id=1050048
bugzilla.suse.com/show_bug.cgi?id=1050119
bugzilla.suse.com/show_bug.cgi?id=1050122
bugzilla.suse.com/show_bug.cgi?id=1050126
bugzilla.suse.com/show_bug.cgi?id=1050132
bugzilla.suse.com/show_bug.cgi?id=1050617
bugzilla.suse.com/show_bug.cgi?id=1052207
bugzilla.suse.com/show_bug.cgi?id=1052248
bugzilla.suse.com/show_bug.cgi?id=1052251
bugzilla.suse.com/show_bug.cgi?id=1052254
bugzilla.suse.com/show_bug.cgi?id=1052472
bugzilla.suse.com/show_bug.cgi?id=1052688
bugzilla.suse.com/show_bug.cgi?id=1052711
bugzilla.suse.com/show_bug.cgi?id=1052747
bugzilla.suse.com/show_bug.cgi?id=1052750
bugzilla.suse.com/show_bug.cgi?id=1052754
bugzilla.suse.com/show_bug.cgi?id=1052761
bugzilla.suse.com/show_bug.cgi?id=1055069
bugzilla.suse.com/show_bug.cgi?id=1055229
bugzilla.suse.com/show_bug.cgi?id=1056768
bugzilla.suse.com/show_bug.cgi?id=1057163
bugzilla.suse.com/show_bug.cgi?id=1058009
bugzilla.suse.com/show_bug.cgi?id=1072898
bugzilla.suse.com/show_bug.cgi?id=1074119
bugzilla.suse.com/show_bug.cgi?id=1074170
bugzilla.suse.com/show_bug.cgi?id=1075821
bugzilla.suse.com/show_bug.cgi?id=1076182
bugzilla.suse.com/show_bug.cgi?id=1078433
www.suse.com/security/cve/CVE-2017-11166/
www.suse.com/security/cve/CVE-2017-11170/
www.suse.com/security/cve/CVE-2017-11448/
www.suse.com/security/cve/CVE-2017-11450/
www.suse.com/security/cve/CVE-2017-11528/
www.suse.com/security/cve/CVE-2017-11530/
www.suse.com/security/cve/CVE-2017-11531/
www.suse.com/security/cve/CVE-2017-11533/
www.suse.com/security/cve/CVE-2017-11537/
www.suse.com/security/cve/CVE-2017-11638/
www.suse.com/security/cve/CVE-2017-11642/
www.suse.com/security/cve/CVE-2017-12418/
www.suse.com/security/cve/CVE-2017-12427/
www.suse.com/security/cve/CVE-2017-12429/
www.suse.com/security/cve/CVE-2017-12432/
www.suse.com/security/cve/CVE-2017-12566/
www.suse.com/security/cve/CVE-2017-12654/
www.suse.com/security/cve/CVE-2017-12663/
www.suse.com/security/cve/CVE-2017-12664/
www.suse.com/security/cve/CVE-2017-12665/
www.suse.com/security/cve/CVE-2017-12668/
www.suse.com/security/cve/CVE-2017-12674/
www.suse.com/security/cve/CVE-2017-13058/
www.suse.com/security/cve/CVE-2017-13131/
www.suse.com/security/cve/CVE-2017-14060/
www.suse.com/security/cve/CVE-2017-14139/
www.suse.com/security/cve/CVE-2017-14224/
www.suse.com/security/cve/CVE-2017-17682/
www.suse.com/security/cve/CVE-2017-17885/
www.suse.com/security/cve/CVE-2017-17934/
www.suse.com/security/cve/CVE-2017-18028/
www.suse.com/security/cve/CVE-2017-9405/
www.suse.com/security/cve/CVE-2017-9407/
www.suse.com/security/cve/CVE-2018-5357/
www.suse.com/security/cve/CVE-2018-6405/
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
89.8%