---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: SUSE update for ImageMagick SECUNIA ADVISORY ID: SA22834 VERIFY ADVISORY: http://secunia.com/advisories/22834/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux 10.1 http://secunia.com/product/10796/ SUSE Linux 10 http://secunia.com/product/6221/ SuSE Linux 9.0 http://secunia.com/product/2467/ SUSE Linux 9.3 http://secunia.com/product/4933/ SuSE Linux Openexchange Server 4.x http://secunia.com/product/2001/ SuSE Linux Standard Server 8 http://secunia.com/product/2526/ SuSE Linux Desktop 1.x http://secunia.com/product/2002/ DESCRIPTION: SUSE has issued an update for ImageMagick. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA22572 SOLUTION: Apply updated packages. x86 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/ImageMagick-6.2.5-16.10.i586.rpm 53a00589ee258f1e45a692e9ce12aeba ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/ImageMagick-Magick++-6.2.5-16.10.i586.rpm c30d0dfeee41c23b99d833358b274f55 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/ImageMagick-Magick++-devel-6.2.5-16.10.i586.rpm a0d70475369c851b8a7a36995ae38f89 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/ImageMagick-devel-6.2.5-16.10.i586.rpm bdb09dd70f7883d63a40f30680eca4cd ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/perl-PerlMagick-6.2.5-16.10.i586.rpm 5aa843a0c9b21be524034977dc7f5762 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ImageMagick-6.2.3-4.6.i586.rpm cd473f0b81b40c2d7387eeccec9126a6 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ImageMagick-Magick++-6.2.3-4.6.i586.rpm 29caed1aaa2aad1cb02a6dc3043e797b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ImageMagick-Magick++-devel-6.2.3-4.6.i586.rpm b4b4c654d7f1315e5ff2f524da2831f1 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ImageMagick-devel-6.2.3-4.6.i586.rpm e02ff46acf16bfa5d7a8abdda4f9c10b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/perl-PerlMagick-6.2.3-4.6.i586.rpm abd013195ae2e6dd6f3d36f1a40faf9d SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/ImageMagick-6.1.8-6.6.i586.rpm a6015f397a33caca9465325d3593e408 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/ImageMagick-Magick++-6.1.8-6.6.i586.rpm 4ecdae14291bfac5ac0fb2030a33cae5 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/ImageMagick-Magick++-devel-6.1.8-6.6.i586.rpm 6073ce67170c759aafb362879a78d3ce ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/ImageMagick-devel-6.1.8-6.6.i586.rpm ba2e72511d4cf8bc43883fc965d176af ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/perl-PerlMagick-6.1.8-6.6.i586.rpm f18b1fd1d40e323d0656943b7aacbf7a Power PC Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/ImageMagick-6.2.5-16.10.ppc.rpm 0ce17968ee4b88e82b03969d83cfb877 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/ImageMagick-Magick++-6.2.5-16.10.ppc.rpm 6dd51385fd0a7fa296ce28559bbed9c3 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/ImageMagick-Magick++-devel-6.2.5-16.10.ppc.rpm 952219aef97fd57e91fb1dfc5c67eeba ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/ImageMagick-devel-6.2.5-16.10.ppc.rpm 61b69423fef382664812b67bd7e467a5 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/perl-PerlMagick-6.2.5-16.10.ppc.rpm 017968d9d41f1618b33eedd76fc48c10 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/ImageMagick-6.2.3-4.6.ppc.rpm 327ca2796926ffef811188996a666bdd ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/ImageMagick-Magick++-6.2.3-4.6.ppc.rpm 1c1fe905aa0c0b944eae02bb6188ac24 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/ImageMagick-Magick++-devel-6.2.3-4.6.ppc.rpm 6941f64579f8e2ea751a9f61ac731b60 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/ImageMagick-devel-6.2.3-4.6.ppc.rpm 6de9945e06b2332f4c7f8e59623703b5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/perl-PerlMagick-6.2.3-4.6.ppc.rpm 0bc9c802c61e8004f554eec60983cc07 x86-64 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/ImageMagick-6.2.5-16.10.x86_64.rpm 3b0fc7e0d61599bb6ec8de677de12069 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/ImageMagick-Magick++-6.2.5-16.10.x86_64.rpm a8d269a5e6d216919d4f3ef5048c07f0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/ImageMagick-Magick++-devel-6.2.5-16.10.x86_64.rpm 39756fc165eb7dcf416a4120ac52818a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/ImageMagick-devel-6.2.5-16.10.x86_64.rpm 66f2643a53e78307f5d9081b475fe53b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/perl-PerlMagick-6.2.5-16.10.x86_64.rpm b4f8088f97b2735f42e52c46b801ab83 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/ImageMagick-6.2.3-4.6.x86_64.rpm aabb1f9abb5bf686b7f872cc23d891d0 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/ImageMagick-Magick++-6.2.3-4.6.x86_64.rpm 52d9ab106555003e8fa3a72f1d5c3cb4 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/ImageMagick-Magick++-devel-6.2.3-4.6.x86_64.rpm aac46f4da8928ef27556a1a971b0580f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/ImageMagick-devel-6.2.3-4.6.x86_64.rpm 00a81102fa19303cbf40c0414e361b6f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/perl-PerlMagick-6.2.3-4.6.x86_64.rpm a8114375ac411502b5a4b367c587125a SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ImageMagick-6.1.8-6.6.x86_64.rpm ad2633bb68a390e8bcb1cf248ba95020 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ImageMagick-Magick++-6.1.8-6.6.x86_64.rpm dd507ecf6222ed14ce3f90d51a6d996e ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ImageMagick-Magick++-devel-6.1.8-6.6.x86_64.rpm 7a403f2364da96b132c7957f80c6d540 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ImageMagick-devel-6.1.8-6.6.x86_64.rpm 4b0a5865abec3dae751ba1b5ae653044 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/perl-PerlMagick-6.1.8-6.6.x86_64.rpm 74cd0a2dad875a8019adf12a2536743a Sources: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/ImageMagick-6.2.5-16.10.src.rpm 78474b3af1b7e120694e2e3cc6d034f4 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/ImageMagick-6.2.3-4.6.src.rpm 0ae17c894f34961cfb3f0e070167c8f0 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/ImageMagick-6.1.8-6.6.src.rpm f2a276ad3c03ab1ffd7e10336e70274c Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SuSE Linux Openexchange Server 4 http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html SLES SDK 9 http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html SuSE Linux Standard Server 8 http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html SuSE Linux School Server http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html SuSE Linux Desktop 1.0 http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html SLE SDK 10 http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html SUSE SLED 10 http://support.novell.com/techcenter/psdb/54784cdc395efc4acd3491b3f202e583.html ORIGINAL ADVISORY: http://lists.suse.com/archive/suse-security-announce/2006-Nov/0003.html OTHER REFERENCES: SA22572: http://secunia.com/advisories/22572 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------