Secunia Security Advisory 22834

Secunia Security Advisory 22834: Posted Nov 16, 2006; Authored by Secunia | Site secunia.com; Secunia Security Advisory - SUSE has issued an update for ImageMagick. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.; tags | advisory, denial of service, vulnerability; systems | linux, suse; SHA-256 | 5eb14bc0d558b4802b7e9bfcfd79ffa8796eec62209d30085a92ffdee84a05ba; Download | Favorite | View

Secunia Security Advisory 22834



----------------------------------------------------------------------

To improve our services to our customers, we have made a number of
additions to the Secunia Advisories and have started translating the
advisories to German.

The improvements will help our customers to get a better
understanding of how we reached our conclusions, how it was rated,
our thoughts on exploitation, attack vectors, and scenarios.

This includes:
* Reason for rating
* Extended description
* Extended solution
* Exploit code or links to exploit code
* Deep links

Read the full description:
http://corporate.secunia.com/products/48/?r=l

Contact Secunia Sales for more information:
http://corporate.secunia.com/how_to_buy/15/?r=l

----------------------------------------------------------------------

TITLE:
SUSE update for ImageMagick

SECUNIA ADVISORY ID:
SA22834

VERIFY ADVISORY:
http://secunia.com/advisories/22834/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
>From remote

OPERATING SYSTEM:
SUSE Linux 10.1
http://secunia.com/product/10796/
SUSE Linux 10
http://secunia.com/product/6221/
SuSE Linux 9.0
http://secunia.com/product/2467/
SUSE Linux 9.3
http://secunia.com/product/4933/
SuSE Linux Openexchange Server 4.x
http://secunia.com/product/2001/
SuSE Linux Standard Server 8
http://secunia.com/product/2526/
SuSE Linux Desktop 1.x
http://secunia.com/product/2002/

DESCRIPTION:
SUSE has issued an update for ImageMagick. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) and potentially compromise a vulnerable
system.

For more information:
SA22572

SOLUTION:
Apply updated packages.

x86 Platform:

SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/ImageMagick-6.2.5-16.10.i586.rpm
53a00589ee258f1e45a692e9ce12aeba
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/ImageMagick-Magick++-6.2.5-16.10.i586.rpm
c30d0dfeee41c23b99d833358b274f55
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/ImageMagick-Magick++-devel-6.2.5-16.10.i586.rpm
a0d70475369c851b8a7a36995ae38f89
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/ImageMagick-devel-6.2.5-16.10.i586.rpm
bdb09dd70f7883d63a40f30680eca4cd
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/perl-PerlMagick-6.2.5-16.10.i586.rpm
5aa843a0c9b21be524034977dc7f5762

SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ImageMagick-6.2.3-4.6.i586.rpm
cd473f0b81b40c2d7387eeccec9126a6
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ImageMagick-Magick++-6.2.3-4.6.i586.rpm
29caed1aaa2aad1cb02a6dc3043e797b
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ImageMagick-Magick++-devel-6.2.3-4.6.i586.rpm
b4b4c654d7f1315e5ff2f524da2831f1
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ImageMagick-devel-6.2.3-4.6.i586.rpm
e02ff46acf16bfa5d7a8abdda4f9c10b
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/perl-PerlMagick-6.2.3-4.6.i586.rpm
abd013195ae2e6dd6f3d36f1a40faf9d

SUSE LINUX 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/ImageMagick-6.1.8-6.6.i586.rpm
a6015f397a33caca9465325d3593e408
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/ImageMagick-Magick++-6.1.8-6.6.i586.rpm
4ecdae14291bfac5ac0fb2030a33cae5
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/ImageMagick-Magick++-devel-6.1.8-6.6.i586.rpm
6073ce67170c759aafb362879a78d3ce
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/ImageMagick-devel-6.1.8-6.6.i586.rpm
ba2e72511d4cf8bc43883fc965d176af
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/perl-PerlMagick-6.1.8-6.6.i586.rpm
f18b1fd1d40e323d0656943b7aacbf7a

Power PC Platform:

SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/ImageMagick-6.2.5-16.10.ppc.rpm
0ce17968ee4b88e82b03969d83cfb877
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/ImageMagick-Magick++-6.2.5-16.10.ppc.rpm
6dd51385fd0a7fa296ce28559bbed9c3
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/ImageMagick-Magick++-devel-6.2.5-16.10.ppc.rpm
952219aef97fd57e91fb1dfc5c67eeba
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/ImageMagick-devel-6.2.5-16.10.ppc.rpm
61b69423fef382664812b67bd7e467a5
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/perl-PerlMagick-6.2.5-16.10.ppc.rpm
017968d9d41f1618b33eedd76fc48c10

SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/ImageMagick-6.2.3-4.6.ppc.rpm
327ca2796926ffef811188996a666bdd
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/ImageMagick-Magick++-6.2.3-4.6.ppc.rpm
1c1fe905aa0c0b944eae02bb6188ac24
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/ImageMagick-Magick++-devel-6.2.3-4.6.ppc.rpm
6941f64579f8e2ea751a9f61ac731b60
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/ImageMagick-devel-6.2.3-4.6.ppc.rpm
6de9945e06b2332f4c7f8e59623703b5
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/perl-PerlMagick-6.2.3-4.6.ppc.rpm
0bc9c802c61e8004f554eec60983cc07

x86-64 Platform:

SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/ImageMagick-6.2.5-16.10.x86_64.rpm
3b0fc7e0d61599bb6ec8de677de12069
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/ImageMagick-Magick++-6.2.5-16.10.x86_64.rpm
a8d269a5e6d216919d4f3ef5048c07f0
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/ImageMagick-Magick++-devel-6.2.5-16.10.x86_64.rpm
39756fc165eb7dcf416a4120ac52818a
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/ImageMagick-devel-6.2.5-16.10.x86_64.rpm
66f2643a53e78307f5d9081b475fe53b
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/perl-PerlMagick-6.2.5-16.10.x86_64.rpm
b4f8088f97b2735f42e52c46b801ab83

SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/ImageMagick-6.2.3-4.6.x86_64.rpm
aabb1f9abb5bf686b7f872cc23d891d0
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/ImageMagick-Magick++-6.2.3-4.6.x86_64.rpm
52d9ab106555003e8fa3a72f1d5c3cb4
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/ImageMagick-Magick++-devel-6.2.3-4.6.x86_64.rpm
aac46f4da8928ef27556a1a971b0580f
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/ImageMagick-devel-6.2.3-4.6.x86_64.rpm
00a81102fa19303cbf40c0414e361b6f
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/perl-PerlMagick-6.2.3-4.6.x86_64.rpm
a8114375ac411502b5a4b367c587125a

SUSE LINUX 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ImageMagick-6.1.8-6.6.x86_64.rpm
ad2633bb68a390e8bcb1cf248ba95020
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ImageMagick-Magick++-6.1.8-6.6.x86_64.rpm
dd507ecf6222ed14ce3f90d51a6d996e
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ImageMagick-Magick++-devel-6.1.8-6.6.x86_64.rpm
7a403f2364da96b132c7957f80c6d540
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ImageMagick-devel-6.1.8-6.6.x86_64.rpm
4b0a5865abec3dae751ba1b5ae653044
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/perl-PerlMagick-6.1.8-6.6.x86_64.rpm
74cd0a2dad875a8019adf12a2536743a

Sources:

SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/ImageMagick-6.2.5-16.10.src.rpm
78474b3af1b7e120694e2e3cc6d034f4

SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/ImageMagick-6.2.3-4.6.src.rpm
0ae17c894f34961cfb3f0e070167c8f0

SUSE LINUX 9.3:
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/ImageMagick-6.1.8-6.6.src.rpm
f2a276ad3c03ab1ffd7e10336e70274c

Our maintenance customers are notified individually. The packages
are
offered for installation from the maintenance web:

SuSE Linux Openexchange Server 4
http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html

SLES SDK 9
http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html

Novell Linux Desktop 9
http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html

SuSE Linux Standard Server 8
http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html

SuSE Linux School Server
http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html

SuSE Linux Desktop 1.0
http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html

SLE SDK 10
http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html

SUSE SLED 10
http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html

ORIGINAL ADVISORY:
http://lists.suse.com/archive/suse-security-announce/2006-Nov/0003.html

OTHER REFERENCES:
SA22572:
http://secunia.com/advisories/22572

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Top Authors In Last 30 Days

Red Hat 256 files
Jay Turla 150 files
indoushka 149 files
Ubuntu 67 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Debian 24 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,117)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,066)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,731)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,807)
UNIX (9,449)
UnixWare (187)
Windows (6,762)
Other

Secunia Security Advisory 22834

Secunia Security Advisory 22834

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Secunia Security Advisory 22834

Share This

Secunia Security Advisory 22834

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems