Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2023-2870-1.NASLHistoryJul 19, 2023 - 12:00 a.m.
SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2023:2870-1)
2023-07-1900:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
suse linux
imagemagick
buffer overflow
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
21.4%
The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2870-1 advisory.
- A stack-based buffer overflow issue was found in ImageMagick’s coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service. (CVE-2023-3195)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2023:2870-1. The text itself
# is copyright (C) SUSE.
##
include('compat.inc');
if (description)
{
script_id(178454);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/19");
script_cve_id("CVE-2023-3195");
script_xref(name:"SuSE", value:"SUSE-SU-2023:2870-1");
script_name(english:"SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2023:2870-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a
vulnerability as referenced in the SUSE-SU-2023:2870-1 advisory.
- A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker
to trick the user into opening a specially crafted malicious tiff file, causing an application to crash,
resulting in a denial of service. (CVE-2023-3195)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1212235");
# https://lists.suse.com/pipermail/sle-security-updates/2023-July/015518.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?33f1d47b");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-3195");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-3195");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/06/01");
script_set_attribute(attribute:"patch_publication_date", value:"2023/07/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/07/19");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ImageMagick");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ImageMagick-config-6-SUSE");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ImageMagick-config-6-upstream");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ImageMagick-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16-3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagick++-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:perl-PerlMagick");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLED_SAP12|SLES12|SLES_SAP12)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLED12" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED12 SP5", os_ver + " SP" + service_pack);
if (os_ver == "SLED_SAP12" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED_SAP12 SP5", os_ver + " SP" + service_pack);
if (os_ver == "SLES12" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES12 SP5", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP12" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP12 SP5", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'ImageMagick-6.8.8.1-71.192.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'ImageMagick-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'ImageMagick-6.8.8.1-71.192.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'ImageMagick-config-6-SUSE-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'ImageMagick-config-6-upstream-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'ImageMagick-devel-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libMagick++-6_Q16-3-6.8.8.1-71.192.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libMagick++-6_Q16-3-6.8.8.1-71.192.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libMagick++-6_Q16-3-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libMagick++-devel-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libMagickCore-6_Q16-1-32bit-6.8.8.1-71.192.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libMagickCore-6_Q16-1-32bit-6.8.8.1-71.192.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libMagickCore-6_Q16-1-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'libMagickWand-6_Q16-1-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'perl-PerlMagick-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
{'reference':'ImageMagick-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},
{'reference':'ImageMagick-config-6-SUSE-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},
{'reference':'ImageMagick-config-6-upstream-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},
{'reference':'ImageMagick-devel-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},
{'reference':'libMagick++-6_Q16-3-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},
{'reference':'libMagick++-devel-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},
{'reference':'perl-PerlMagick-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},
{'reference':'ImageMagick-6.8.8.1-71.192.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-12.5', 'sles-release-12.5']},
{'reference':'ImageMagick-6.8.8.1-71.192.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-12.5', 'sles-release-12.5']},
{'reference':'libMagick++-6_Q16-3-6.8.8.1-71.192.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-12.5', 'sles-release-12.5']},
{'reference':'libMagick++-6_Q16-3-6.8.8.1-71.192.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-12.5', 'sles-release-12.5']},
{'reference':'libMagickCore-6_Q16-1-32bit-6.8.8.1-71.192.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-12.5', 'sles-release-12.5']},
{'reference':'libMagickCore-6_Q16-1-32bit-6.8.8.1-71.192.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-12.5', 'sles-release-12.5']},
{'reference':'libMagickCore-6_Q16-1-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
{'reference':'libMagickWand-6_Q16-1-6.8.8.1-71.192.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ImageMagick / ImageMagick-config-6-SUSE / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | imagemagick | p-cpe:/a:novell:suse_linux:imagemagick |
| novell | suse_linux | imagemagick-config-6-suse | p-cpe:/a:novell:suse_linux:imagemagick-config-6-suse |
| novell | suse_linux | imagemagick-config-6-upstream | p-cpe:/a:novell:suse_linux:imagemagick-config-6-upstream |
| novell | suse_linux | imagemagick-devel | p-cpe:/a:novell:suse_linux:imagemagick-devel |
| novell | suse_linux | libmagick%2b%2b-6_q16-3 | p-cpe:/a:novell:suse_linux:libmagick%2b%2b-6_q16-3 |
| novell | suse_linux | libmagick%2b%2b-devel | p-cpe:/a:novell:suse_linux:libmagick%2b%2b-devel |
| novell | suse_linux | libmagickcore-6_q16-1 | p-cpe:/a:novell:suse_linux:libmagickcore-6_q16-1 |
| novell | suse_linux | libmagickcore-6_q16-1-32bit | p-cpe:/a:novell:suse_linux:libmagickcore-6_q16-1-32bit |
| novell | suse_linux | libmagickwand-6_q16-1 | p-cpe:/a:novell:suse_linux:libmagickwand-6_q16-1 |
| novell | suse_linux | perl-perlmagick | p-cpe:/a:novell:suse_linux:perl-perlmagick |
Related
redhatcve
redhatcve
CVE-2023-3195
2023-06-13 12:54:37
amazon
amazon
Medium: ImageMagick
2023-07-17 17:39:00
Medium: ImageMagick
2023-07-13 23:57:00
nessus
nessus
ImageMagick < 6.9.12-93 / 7.1.1.0 < 7.1.1-15 Buffer Overflow Condition
2023-08-10 00:00:00
Amazon Linux 2 : ImageMagick (ALAS-2023-2128)
2023-07-20 00:00:00
Amazon Linux AMI : ImageMagick (ALAS-2023-1781)
2023-07-20 00:00:00
cvelist
cvelist
CVE-2023-3195
2023-06-16 00:00:00
nvd
nvd
CVE-2023-3195
2023-06-16 20:15:09
veracode
veracode
Denial Of Service (DoS)
2023-06-28 10:51:16
prion
prion
Stack overflow
2023-06-16 20:15:00
debiancve
debiancve
CVE-2023-3195
2023-06-16 20:15:09
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:2870-1)
2023-07-19 00:00:00
Fedora: Security Advisory for ImageMagick (FEDORA-2023-27548af422)
2023-08-25 00:00:00
Mageia: Security Advisory (MGASA-2024-0064)
2024-03-18 00:00:00
cve
cve
CVE-2023-3195
2023-06-16 20:15:09
ubuntucve
ubuntucve
CVE-2023-3195
2023-06-16 00:00:00
osv
osv
CVE-2023-3195
2023-06-16 20:15:09
imagemagick vulnerabilities
2023-07-04 09:23:39
photon
photon
Moderate Photon OS Security Update - PHSA-2023-3.0-0699
2023-12-14 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: ImageMagick-7.1.1.15-1.fc38
2023-08-24 01:32:21
[SECURITY] Fedora 37 Update: ImageMagick-6.9.12.93-1.fc37
2023-08-31 01:20:29
mageia
mageia
Updated imagemagick packages fix security vulnerabilities
2024-03-16 01:51:55
ubuntu
ubuntu
ImageMagick vulnerabilities
2023-07-04 00:00:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
21.4%
Related for SUSE_SU-2023-2870-1.NASL