Lucene search
Copyright (C) 2019 Greenbone Networks GmbHOPENVAS:1361412562310844242HistoryNov 15, 2019 - 12:00 a.m.
Ubuntu Update for imagemagick USN-4192-1
2019-11-1500:00:00
Copyright (C) 2019 Greenbone Networks GmbH
plugins.openvas.org
18
The remote host is missing an update for the
# Copyright (C) 2019 Greenbone Networks GmbH
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (C) the respective author(s)
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.844242");
script_version("2019-12-12T11:35:23+0000");
script_cve_id("CVE-2019-12974", "CVE-2019-12975", "CVE-2019-12976", "CVE-2019-12977", "CVE-2019-12978", "CVE-2019-12979", "CVE-2019-13135", "CVE-2019-13137", "CVE-2019-13295", "CVE-2019-13297", "CVE-2019-13300", "CVE-2019-13301", "CVE-2019-13304", "CVE-2019-13305", "CVE-2019-13306", "CVE-2019-13307", "CVE-2019-13308", "CVE-2019-13309", "CVE-2019-13310", "CVE-2019-13311", "CVE-2019-13391", "CVE-2019-13454", "CVE-2019-14981", "CVE-2019-15139", "CVE-2019-15140", "CVE-2019-16708", "CVE-2019-16709", "CVE-2019-16710", "CVE-2019-16711", "CVE-2019-16713");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_tag(name:"last_modification", value:"2019-12-12 11:35:23 +0000 (Thu, 12 Dec 2019)");
script_tag(name:"creation_date", value:"2019-11-15 03:00:52 +0000 (Fri, 15 Nov 2019)");
script_name("Ubuntu Update for imagemagick USN-4192-1");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2019 Greenbone Networks GmbH");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=(UBUNTU18\.04 LTS|UBUNTU19\.10|UBUNTU19\.04|UBUNTU16\.04 LTS)");
script_xref(name:"USN", value:"4192-1");
script_xref(name:"URL", value:"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-November/005210.html");
script_tag(name:"summary", value:"The remote host is missing an update for the 'imagemagick'
package(s) announced via the USN-4192-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"It was discovered that ImageMagick incorrectly handled certain malformed
image files. If a user or automated system using ImageMagick were tricked
into opening a specially crafted image, an attacker could exploit this to
cause a denial of service or possibly execute code with the privileges of
the user invoking the program.");
script_tag(name:"affected", value:"'imagemagick' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "UBUNTU18.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"imagemagick", ver:"8:6.9.7.4+dfsg-16ubuntu6.8", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"imagemagick-6.q16", ver:"8:6.9.7.4+dfsg-16ubuntu6.8", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"-6.q16-7", ver:"8:6.9.7.4+dfsg-16ubuntu6.8", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmagickcore-6.q16-3", ver:"8:6.9.7.4+dfsg-16ubuntu6.8", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmagickcore-6.q16-3-extra", ver:"8:6.9.7.4+dfsg-16ubuntu6.8", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU19.10") {
if(!isnull(res = isdpkgvuln(pkg:"imagemagick", ver:"8:6.9.10.23+dfsg-2.1ubuntu3.1", rls:"UBUNTU19.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"imagemagick-6.q16", ver:"8:6.9.10.23+dfsg-2.1ubuntu3.1", rls:"UBUNTU19.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"-6.q16-8", ver:"8:6.9.10.23+dfsg-2.1ubuntu3.1", rls:"UBUNTU19.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmagickcore-6.q16-6", ver:"8:6.9.10.23+dfsg-2.1ubuntu3.1", rls:"UBUNTU19.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmagickcore-6.q16-6-extra", ver:"8:6.9.10.23+dfsg-2.1ubuntu3.1", rls:"UBUNTU19.10"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU19.04") {
if(!isnull(res = isdpkgvuln(pkg:"imagemagick", ver:"8:6.9.10.14+dfsg-7ubuntu2.3", rls:"UBUNTU19.04"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"imagemagick-6.q16", ver:"8:6.9.10.14+dfsg-7ubuntu2.3", rls:"UBUNTU19.04"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"-6.q16-8", ver:"8:6.9.10.14+dfsg-7ubuntu2.3", rls:"UBUNTU19.04"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmagickcore-6.q16-6", ver:"8:6.9.10.14+dfsg-7ubuntu2.3", rls:"UBUNTU19.04"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmagickcore-6.q16-6-extra", ver:"8:6.9.10.14+dfsg-7ubuntu2.3", rls:"UBUNTU19.04"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU16.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"imagemagick", ver:"8:6.8.9.9-7ubuntu5.15", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"imagemagick-6.q16", ver:"8:6.8.9.9-7ubuntu5.15", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"-6.q16-5v5", ver:"8:6.8.9.9-7ubuntu5.15", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmagickcore-6.q16-2", ver:"8:6.8.9.9-7ubuntu5.15", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmagickcore-6.q16-2-extra", ver:"8:6.8.9.9-7ubuntu5.15", rls:"UBUNTU16.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
cloudfoundry
cloudfoundry
USN-4192-1: ImageMagick vulnerabilities | Cloud Foundry
2019-11-18 00:00:00
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : ImageMagick vulnerabilities (USN-4192-1)
2019-11-15 00:00:00
SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2019:2010-1)
2019-08-12 00:00:00
EulerOS 2.0 SP3 : ImageMagick (EulerOS-SA-2020-2090)
2020-09-28 00:00:00
ubuntu
ubuntu
ImageMagick vulnerabilities
2019-11-14 00:00:00
openvas
openvas
openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2019:1983-1)
2019-08-22 00:00:00
Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2019-1889)
2020-01-23 00:00:00
ImageMagick <= 7.0.8-34 Multiple Vulnerabilities (Mac OS X)
2019-07-01 00:00:00
osv
osv
imagemagick - security update
2019-08-16 00:00:00
imagemagick - security update
2020-06-30 00:00:00
imagemagick - security update
2020-07-02 00:00:00
debian
debian
[SECURITY] [DLA 1888-1] imagemagick security update
2019-08-16 14:14:20
[SECURITY] [DSA 4712-1] imagemagick security update
2020-06-30 20:31:53
[SECURITY] [DSA 4715-1] imagemagick security update
2020-07-02 18:34:51
suse
suse
Security update for ImageMagick (moderate)
2019-08-21 00:00:00
Security update for ImageMagick (moderate)
2019-11-16 00:00:00
Security update for ImageMagick (moderate)
2019-11-15 00:00:00
ibm
ibm
Security Bulletin: IBM Integration Bus Hyper visor Edition V9.0 require customer action for security vulnerabilities in Red Hat Linux
2020-01-21 09:05:12
ubuntucve
ubuntucve
amazon
amazon
Medium: php56-pecl-imagick
2023-08-21 12:14:00
Medium: php55-pecl-imagick
2023-08-21 12:14:00
Important: ImageMagick
2024-01-19 01:51:00
oraclelinux
oraclelinux
ImageMagick security, bug fix, and enhancement update
2020-04-06 00:00:00
redhat
redhat
centos
centos
ImageMagick, autotrace, emacs, inkscape security update
2020-04-08 17:42:49
cve
cve
debiancve
debiancve
redhatcve
redhatcve
prion
prion
Heap overflow
2019-07-07 22:15:00
Memory corruption
2019-07-01 20:15:00
Design/Logic Flaw
2019-06-26 18:15:00
veracode
veracode
Denial Of Service (DoS)
2019-06-27 08:23:57
Arbitrary Code Execution
2020-05-10 23:22:34
Denial Of Service (DoS)
2020-03-27 13:17:01
alpinelinux
alpinelinux
f5
f5
K20336394 : ImageMagick vulnerability CVE-2019-13135
2019-10-08 00:00:00
mageia
mageia
Updated graphicsmagick packages fix security vulnerability
2019-12-06 17:15:42
Related for OPENVAS:1361412562310844242