Lucene search
Debian Security Advisory DSA 547-1 (imagemagic)
🗓️ 17 Jan 2008 00:00:00Reported by Copyright (C) 2008 E-Soft Inc.Type 
openvas🔗 plugins.openvas.org👁 21 Views
The remote host is missing an update to imagemagic announced via advisory DSA 547-1. The update fixes buffer overflows in ImageMagick graphics library
Show more
| Reporter | Title | Published | Views | Family All 29 |
|---|---|---|---|---|
| Debian Security Advisory DSA 547-1 (imagemagic) | 17 Jan 200800:00 | – | openvas |
| FreeBSD Ports: ImageMagick, ImageMagick-nox11 | 4 Sep 200800:00 | – | openvas |
| FreeBSD Ports: ImageMagick, ImageMagick-nox11 | 4 Sep 200800:00 | – | openvas |
| Ubuntu: Security Advisory (USN-35-1) | 26 Aug 202200:00 | – | openvas |
 | CVE-2004-0827 | 24 Sep 200404:00 | – | cvelist |
 | imagemagick vulnerabilities | 1 Dec 200400:00 | – | ubuntu |
 | [SECURITY] [DSA 547-1] New Imagemagic packages fix buffer overflows | 16 Sep 200410:10 | – | debian |
| [SECURITY] [DSA 547-1] New Imagemagic packages fix buffer overflows | 16 Sep 200410:10 | – | debian |
 | CAN-2004-0827 | 23 Feb 202418:57 | – | cve |
| CVE-2004-0827 | 24 Sep 200404:00 | – | cve |
10
| Source | Link |
|---|---|
| secure1 | www.secure1.securityspace.com/smysecure/catid.html |
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53236");
script_version("2023-07-19T05:05:15+0000");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2008-01-17 22:45:44 +0100 (Thu, 17 Jan 2008)");
script_cve_id("CVE-2004-0827");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Debian Security Advisory DSA 547-1 (imagemagic)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB3\.0");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20547-1");
script_tag(name:"insight", value:"Marcus Meissner from SUSE has discovered several buffer overflows in
the ImageMagick graphics library. An attacker could create a
malicious image or video file in AVI, BMP, or DIB format that could
crash the reading process. It might be possible that carefully
crafted images could also allow to execute arbitrary code with the
capabilities of the invoking process.
For the stable distribution (woody) this problem has been fixed in
version 5.4.4.5-1woody3.
For the unstable distribution (sid) this problem has been fixed in
version 6.0.6.2-1.");
script_tag(name:"solution", value:"We recommend that you upgrade your imagemagick packages.");
script_tag(name:"summary", value:"The remote host is missing an update to imagemagic
announced via advisory DSA 547-1.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
res = "";
report = "";
if((res = isdpkgvuln(pkg:"imagemagick", ver:"5.4.4.5-1woody3", rls:"DEB3.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libmagick++5", ver:"5.4.4.5-1woody3", rls:"DEB3.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libmagick++5-dev", ver:"5.4.4.5-1woody3", rls:"DEB3.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libmagick5", ver:"5.4.4.5-1woody3", rls:"DEB3.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libmagick5-dev", ver:"5.4.4.5-1woody3", rls:"DEB3.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"perlmagick", ver:"5.4.4.5-1woody3", rls:"DEB3.0")) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo17 Jan 2008 00:00Current
6.6Medium risk
Vulners AI Score6.6
CVSS27.5
EPSS0.03195