exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2006.193

Mandriva Linux Security Advisory 2006.193
Posted Nov 1, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-193: Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
SHA-256 | a075da044882737ae4b41b0fff9c45e67b2bd7aa97983a7af8befb943fe5f1d3
Download | Favorite | View

Mandriva Linux Security Advisory 2006.193

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:193
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : ImageMagick
 Date    : October 30, 2006
 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Multiple buffer overflows in GraphicsMagick before 1.1.7 and
 ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of
 service and possibly execute execute arbitrary code via (1) a DCM image
 that is not properly handled by the ReadDCMImage function in
 coders/dcm.c, or (2) a PALM image that is not properly handled by the
 ReadPALMImage function in coders/palm.c.

 Updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 9cff2af0f77ac36aa384c7c4514f36f0  2006.0/i586/ImageMagick-6.2.4.3-1.3.20060mdk.i586.rpm
 8405ecc145ef62333e6b4e786c3c140e  2006.0/i586/ImageMagick-doc-6.2.4.3-1.3.20060mdk.i586.rpm
 296450899da34bbde2d56e5259686d96  2006.0/i586/libMagick8.4.2-6.2.4.3-1.3.20060mdk.i586.rpm
 bc576e4aa2425b60d38c97d783c982c0  2006.0/i586/libMagick8.4.2-devel-6.2.4.3-1.3.20060mdk.i586.rpm
 2154b0021e296482ea3e3d8880559dcb  2006.0/i586/perl-Image-Magick-6.2.4.3-1.3.20060mdk.i586.rpm 
 5302895646e0bccbe9c0c5c1f4e11cec  2006.0/SRPMS/ImageMagick-6.2.4.3-1.3.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 37c26759a68c17030f75043060cfc2b4  2006.0/x86_64/ImageMagick-6.2.4.3-1.3.20060mdk.x86_64.rpm
 4f88d24083c634afe7860e24075151ca  2006.0/x86_64/ImageMagick-doc-6.2.4.3-1.3.20060mdk.x86_64.rpm
 274785820d8543a27aa254ff6a086ef2  2006.0/x86_64/lib64Magick8.4.2-6.2.4.3-1.3.20060mdk.x86_64.rpm
 02a7e7432374fcb5ace201bab9a6e1d7  2006.0/x86_64/lib64Magick8.4.2-devel-6.2.4.3-1.3.20060mdk.x86_64.rpm
 ac8846ce3a292e4b1ffc791c10a20a74  2006.0/x86_64/perl-Image-Magick-6.2.4.3-1.3.20060mdk.x86_64.rpm 
 5302895646e0bccbe9c0c5c1f4e11cec  2006.0/SRPMS/ImageMagick-6.2.4.3-1.3.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 259fc249b1dbbf6c58257b6908532140  2007.0/i586/ImageMagick-6.2.9.2-1.1mdv2007.0.i586.rpm
 c8ff934b06f802278f7bcd3c9d3bab96  2007.0/i586/ImageMagick-doc-6.2.9.2-1.1mdv2007.0.i586.rpm
 b72caa9c374ca69892255cddc521b073  2007.0/i586/libMagick10.4.0-6.2.9.2-1.1mdv2007.0.i586.rpm
 0a6d767cf14550aa8a20215e01873272  2007.0/i586/libMagick10.4.0-devel-6.2.9.2-1.1mdv2007.0.i586.rpm
 259991496195ecf4e7d75cc96f4f4235  2007.0/i586/perl-Image-Magick-6.2.9.2-1.1mdv2007.0.i586.rpm 
 5db799ea7e3150a4d124cc8468418163  2007.0/SRPMS/ImageMagick-6.2.9.2-1.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 5957de896d84e071fc73e32d184b9ff5  2007.0/x86_64/ImageMagick-6.2.9.2-1.1mdv2007.0.x86_64.rpm
 2b91a2815b70a243f99b88c62664b5dc  2007.0/x86_64/ImageMagick-doc-6.2.9.2-1.1mdv2007.0.x86_64.rpm
 92b14592306acfab456d2b6fe0c335cd  2007.0/x86_64/lib64Magick10.4.0-6.2.9.2-1.1mdv2007.0.x86_64.rpm
 779dd5bf3491a3a3fffcbe542e761d79  2007.0/x86_64/lib64Magick10.4.0-devel-6.2.9.2-1.1mdv2007.0.x86_64.rpm
 173459bbde013ce76a500b3316cac9eb  2007.0/x86_64/perl-Image-Magick-6.2.9.2-1.1mdv2007.0.x86_64.rpm 
 5db799ea7e3150a4d124cc8468418163  2007.0/SRPMS/ImageMagick-6.2.9.2-1.1mdv2007.0.src.rpm

 Corporate 3.0:
 3c3e93caa3752c6a83bf258a7c13f3dc  corporate/3.0/i586/ImageMagick-5.5.7.15-6.8.C30mdk.i586.rpm
 280341a8df9e0505ab906e8da7ad0558  corporate/3.0/i586/ImageMagick-doc-5.5.7.15-6.8.C30mdk.i586.rpm
 650c884639355e492ee879a7cfbddbc7  corporate/3.0/i586/libMagick5.5.7-5.5.7.15-6.8.C30mdk.i586.rpm
 13ccb4cb86f566cd0c811109a9dc0dd1  corporate/3.0/i586/libMagick5.5.7-devel-5.5.7.15-6.8.C30mdk.i586.rpm
 48035e977de33e09b908a3f512f94e72  corporate/3.0/i586/perl-Magick-5.5.7.15-6.8.C30mdk.i586.rpm 
 c7894af769352505f059b0e16b9a34cc  corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.8.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 a096885d2bcaa9820c17e1a4dd71b5e3  corporate/3.0/x86_64/ImageMagick-5.5.7.15-6.8.C30mdk.x86_64.rpm
 77d7216b6c3c92802470c929bf3fadc1  corporate/3.0/x86_64/ImageMagick-doc-5.5.7.15-6.8.C30mdk.x86_64.rpm
 b8831dbe0e86ef1d86219c6d9e66f62e  corporate/3.0/x86_64/lib64Magick5.5.7-5.5.7.15-6.8.C30mdk.x86_64.rpm
 e86dd59f34359230ea5fc7b58cb2a59e  corporate/3.0/x86_64/lib64Magick5.5.7-devel-5.5.7.15-6.8.C30mdk.x86_64.rpm
 a6d2ee48d4c91ba79b31d26b5f1e83b4  corporate/3.0/x86_64/perl-Magick-5.5.7.15-6.8.C30mdk.x86_64.rpm 
 c7894af769352505f059b0e16b9a34cc  corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.8.C30mdk.src.rpm

 Corporate 4.0:
 44b50bffc31a13fa724e923e407e5704  corporate/4.0/i586/ImageMagick-6.2.4.3-1.3.20060mlcs4.i586.rpm
 5efe5a1942bed2207adf2d3b2c36e46b  corporate/4.0/i586/ImageMagick-doc-6.2.4.3-1.3.20060mlcs4.i586.rpm
 558d6f229a8fe1748bbded9e768810e7  corporate/4.0/i586/libMagick8.4.2-6.2.4.3-1.3.20060mlcs4.i586.rpm
 ebe94e9238780355631db170fc2aaaad  corporate/4.0/i586/libMagick8.4.2-devel-6.2.4.3-1.3.20060mlcs4.i586.rpm
 fc13aa3e6ecfc36940080b9da42950a3  corporate/4.0/i586/perl-Image-Magick-6.2.4.3-1.3.20060mlcs4.i586.rpm 
 343443bbd8220c90bb032d524f63e503  corporate/4.0/SRPMS/ImageMagick-6.2.4.3-1.3.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 670292a2b380dd9fdc7643f13a9e3599  corporate/4.0/x86_64/ImageMagick-6.2.4.3-1.3.20060mlcs4.x86_64.rpm
 decb45c0eada9bd5c51426b798ecc95e  corporate/4.0/x86_64/ImageMagick-doc-6.2.4.3-1.3.20060mlcs4.x86_64.rpm
 3ceb638aef243a6e9c3a26cc33809f0b  corporate/4.0/x86_64/lib64Magick8.4.2-6.2.4.3-1.3.20060mlcs4.x86_64.rpm
 6c4535cf487832fbed1e37ff9cd225a7  corporate/4.0/x86_64/lib64Magick8.4.2-devel-6.2.4.3-1.3.20060mlcs4.x86_64.rpm
 3987e468326d5a5d647312e8da336b09  corporate/4.0/x86_64/perl-Image-Magick-6.2.4.3-1.3.20060mlcs4.x86_64.rpm 
 343443bbd8220c90bb032d524f63e503  corporate/4.0/SRPMS/ImageMagick-6.2.4.3-1.3.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFRn7PmqjQ0CJFipgRApchAKCgBxNCeZgCRKdBS+o51zKUYxnljACgqu7s
C62gja6i/BvaGxLmLzgfdoA=
=P7jm
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close