exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2006.155

Mandriva Linux Security Advisory 2006.155
Posted Aug 29, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-155 - Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun bitmap images that trigger heap-based buffer overflows. An integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large bytes_per_pixel, columns, and rows values, which trigger a heap-based buffer overflow.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2006-3743, CVE-2006-3744, CVE-2006-4144
SHA-256 | 17ea48c30ae262993a867073c259c4ec7c7c700fdadae830130ae4309c554f4c

Mandriva Linux Security Advisory 2006.155

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:155
http://www.mandriva.com/security/
_______________________________________________________________________

Package : ImageMagick
Date : August 29, 2006
Affected: 2006.0, Corporate 3.0
_______________________________________________________________________

Problem Description:

Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted
attackers to execute arbitrary code via crafted XCF images. (CVE-2006-3743)

Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted
attackers to execute arbitrary code via crafted Sun bitmap images that trigger
heap-based buffer overflows. (CVE-2006-3744)

Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before
6.2.9 allows user-assisted attackers to cause a denial of service (crash)
and possibly execute arbitrary code via large (1) bytes_per_pixel, (2)
columns, and (3) rows values, which trigger a heap-based buffer overflow.
(CVE-2006-4144)

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3743
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3744
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4144
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2006.0:
f7c1f8c63d6e88a21cf040c27bc20115 2006.0/RPMS/ImageMagick-6.2.4.3-1.2.20060mdk.i586.rpm
5b1279e63710439d5906452de7619baf 2006.0/RPMS/ImageMagick-doc-6.2.4.3-1.2.20060mdk.i586.rpm
ead63f1889e5f7ad14e07d229e6a51ff 2006.0/RPMS/libMagick8.4.2-6.2.4.3-1.2.20060mdk.i586.rpm
af843e36e54d540b262be62c9dfc2213 2006.0/RPMS/libMagick8.4.2-devel-6.2.4.3-1.2.20060mdk.i586.rpm
f6a11d5243521e59d4be1c4325c2a46a 2006.0/RPMS/perl-Image-Magick-6.2.4.3-1.2.20060mdk.i586.rpm
e4b6c31d3f78c27d07d1b933b26035d0 2006.0/SRPMS/ImageMagick-6.2.4.3-1.2.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
85730b9e08b041dd79afc26180f3ea64 x86_64/2006.0/RPMS/ImageMagick-6.2.4.3-1.2.20060mdk.x86_64.rpm
a75ca1c0a7497d8618734fd1c805ec6c x86_64/2006.0/RPMS/ImageMagick-doc-6.2.4.3-1.2.20060mdk.x86_64.rpm
69d40772b9caafa636a9645507d3e593 x86_64/2006.0/RPMS/lib64Magick8.4.2-6.2.4.3-1.2.20060mdk.x86_64.rpm
b4cafa52cc359762b4986b78dcaf9556 x86_64/2006.0/RPMS/lib64Magick8.4.2-devel-6.2.4.3-1.2.20060mdk.x86_64.rpm
b3e2b141c626282a7ea075e64bb6b93c x86_64/2006.0/RPMS/perl-Image-Magick-6.2.4.3-1.2.20060mdk.x86_64.rpm
e4b6c31d3f78c27d07d1b933b26035d0 x86_64/2006.0/SRPMS/ImageMagick-6.2.4.3-1.2.20060mdk.src.rpm

Corporate 3.0:
ebb56345796498b2df38fc7559fce769 corporate/3.0/RPMS/ImageMagick-5.5.7.15-6.7.C30mdk.i586.rpm
8d4ed101a407ed9aca298a5e3085745d corporate/3.0/RPMS/ImageMagick-doc-5.5.7.15-6.7.C30mdk.i586.rpm
56c80a65cc5b31d4c8dcdae47c56ba57 corporate/3.0/RPMS/libMagick5.5.7-5.5.7.15-6.7.C30mdk.i586.rpm
4ee186d6f9d004296e530a4f8f298f22 corporate/3.0/RPMS/libMagick5.5.7-devel-5.5.7.15-6.7.C30mdk.i586.rpm
d9797b8c80c4527f8b41b2be56b3cb63 corporate/3.0/RPMS/perl-Magick-5.5.7.15-6.7.C30mdk.i586.rpm
45d71f01651307e4768274e80f72ecfa corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.7.C30mdk.src.rpm

Corporate 3.0/X86_64:
19df6c6601c45fa3774c204e3fd25ba3 x86_64/corporate/3.0/RPMS/ImageMagick-5.5.7.15-6.7.C30mdk.x86_64.rpm
473b57f63e9244de8697b48909f98274 x86_64/corporate/3.0/RPMS/ImageMagick-doc-5.5.7.15-6.7.C30mdk.x86_64.rpm
bde18af5f59aacf8856b9cc90713e6be x86_64/corporate/3.0/RPMS/lib64Magick5.5.7-5.5.7.15-6.7.C30mdk.x86_64.rpm
dcfc5557a3ebf09ceee49311057021e5 x86_64/corporate/3.0/RPMS/lib64Magick5.5.7-devel-5.5.7.15-6.7.C30mdk.x86_64.rpm
6ef9639f8af9e32a9d09a7916a20736c x86_64/corporate/3.0/RPMS/perl-Magick-5.5.7.15-6.7.C30mdk.x86_64.rpm
45d71f01651307e4768274e80f72ecfa x86_64/corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.7.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFE9C0EmqjQ0CJFipgRAmz1AJ4sNhz6tRHJcjCD/RPjAep0Zixo+ACfdH1c
cjCyOOO7ypteNoVP4tsiDHM=
=nr99
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close