Executive Summary
| Summary | |
|---|---|
| Title | New ImageMagick packages fix arbitrary command execution |
| Informations | |||
|---|---|---|---|
| Name | DSA-957 | First vendor Publication | 2006-01-26 |
| Vendor | Debian | Last vendor Modification | 2006-01-31 |
| Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Florian Weimer discovered that delegate code in ImageMagick is vulnerable to shell command injection using specially crafted file names. This allows attackers to encode commands inside of graphic commands. With some user interaction, this is exploitable through Gnus and Thunderbird. This update filters out the '$' character as well, which was forgotton in the former update. For the old stable distribution (woody) this problem has been fixed in version 5.4.4.5-1woody8. For the stable distribution (sarge) this problem has been fixed in version 6.0.6.2-2.6. For the unstable distribution (sid) this problem has been fixed in version 6.2.4.5-0.6. We recommend that you upgrade your imagemagick packages. |
Original Source
| Url : http://www.debian.org/security/2006/dsa-957 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10353 | |||
| Oval ID: | oval:org.mitre.oval:def:10353 | ||
| Title: | The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command. | ||
| Description: | The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2005-4601 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-06-03 | Name : Solaris Update for ImageMagick 136882-02 File : nvt/gb_solaris_136882_02.nasl |
| 2009-06-03 | Name : Solaris Update for ImageMagick 136883-02 File : nvt/gb_solaris_136883_02.nasl |
| 2009-06-03 | Name : Solaris Update for ImageMagick 137038-01 File : nvt/gb_solaris_137038_01.nasl |
| 2009-06-03 | Name : Solaris Update for ImageMagick 137039-01 File : nvt/gb_solaris_137039_01.nasl |
| 2009-02-27 | Name : Fedora Update for GraphicsMagick FEDORA-2007-1340 File : nvt/gb_fedora_2007_1340_GraphicsMagick_fc7.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 957-1 (imagemagick) File : nvt/deb_957_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 957-2 (imagemagick) File : nvt/deb_957_2.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2006-045-03 imagemagick File : nvt/esoft_slk_ssa_2006_045_03.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 22121 | ImageMagick Delegate Code Multiple Utility Crafted File Name Arbitrary Shell ... Various ImageMagick utilities fail to correctly validate image file names. The issue is triggered when specially crafted shell commands are part of the file name provided. It is possible that the flaw may allow execution of arbitrary shell commands, resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1340.nasl - Type : ACT_GATHER_INFO |
| 2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-957.nasl - Type : ACT_GATHER_INFO |
| 2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2006-0178.nasl - Type : ACT_GATHER_INFO |
| 2006-03-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-246-1.nasl - Type : ACT_GATHER_INFO |
| 2006-02-15 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2006-045-03.nasl - Type : ACT_GATHER_INFO |
| 2006-02-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0178.nasl - Type : ACT_GATHER_INFO |
| 2006-01-29 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-024.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:34:52 |
|
