[USN-90-1] Imagemagick vulnerability

From: Martin Pitt (martin.pitt_at_canonical.com)
Date: 03/03/05

  • Next message: Eric Windisch: "Re: [Full-Disclosure] Windows Registry Analzyer"
    Date: Thu, 3 Mar 2005 10:42:22 +0100
    To: ubuntu-security-announce@lists.ubuntu.com
    
    
    

    ===========================================================
    Ubuntu Security Notice USN-90-1 March 03, 2005
    imagemagick vulnerability
    CAN-2005-0397
    ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 4.10 (Warty Warthog)

    The following packages are affected:

    imagemagick
    libmagick6

    The problem can be corrected by upgrading the affected package to
    version 5:6.0.2.5-1ubuntu1.4. In general, a standard system upgrade is
    sufficient to effect the necessary changes.

    Details follow:

    Tavis Ormandy discovered a format string vulnerability in ImageMagick's file
    name handling. Specially crafted file names could cause a program using
    ImageMagick to crash, or possibly even cause execution of arbitrary code.

    Since ImageMagick can be used in custom printing systems, this also might lead
    to privilege escalation (execute code with the printer spooler's privileges).
    However, Ubuntu's standard printing system does not use ImageMagick, thus there
    is no risk of privilege escalation in a standard installation.

    ImageMagick is also commonly used by web frontends; if these accept image
    uploads with arbitrary file names, this could also lead to remote privilege
    escalation.

      Source archives:

        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5-1ubuntu1.4.diff.gz
          Size/MD5: 129865 b6158cb1e8ac827114bbd483465e8f90
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5-1ubuntu1.4.dsc
          Size/MD5: 874 6d01d5029e385ef25ffcc4b7c1b8f9bc
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5.orig.tar.gz
          Size/MD5: 6700454 207fdb75b6c106007cc483cf15e619ad

      amd64 architecture (Athlon64, Opteron, EM64T Xeon)

        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5-1ubuntu1.4_amd64.deb
          Size/MD5: 1366250 9bd394c1da6ea7f94619af3f9afd8796
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.0.2.5-1ubuntu1.4_amd64.deb
          Size/MD5: 226626 a8fb07c1e1c893d64fd1450518da0c71
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6_6.0.2.5-1ubuntu1.4_amd64.deb
          Size/MD5: 161238 538c672bbbfe4e1c7ff23bd0e531a4d2
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.0.2.5-1ubuntu1.4_amd64.deb
          Size/MD5: 1520098 8bcdd9116e7fd42772b3bd3b3eb97695
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.2.5-1ubuntu1.4_amd64.deb
          Size/MD5: 1167436 817bc00875893b331e673b6199516bf0
        http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.0.2.5-1ubuntu1.4_amd64.deb
          Size/MD5: 138790 df954c96f52dad5f38302c04f387de54

      i386 architecture (x86 compatible Intel/AMD)

        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5-1ubuntu1.4_i386.deb
          Size/MD5: 1366210 92438f9dc9e47084c225f6b16390f645
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.0.2.5-1ubuntu1.4_i386.deb
          Size/MD5: 206716 7d8f89d2f933e03ba957a4dab3bd3b05
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6_6.0.2.5-1ubuntu1.4_i386.deb
          Size/MD5: 162920 cdb938585e251bd9304f3203efe4541a
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.0.2.5-1ubuntu1.4_i386.deb
          Size/MD5: 1425872 439f600c0fd309caf5e69df2e7e98a88
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.2.5-1ubuntu1.4_i386.deb
          Size/MD5: 1115876 d487f8b1259d468c5c0309c2937388a4
        http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.0.2.5-1ubuntu1.4_i386.deb
          Size/MD5: 137370 a5a62a05568a9687681c30c4cdd7e749

      powerpc architecture (Apple Macintosh G3/G4/G5)

        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5-1ubuntu1.4_powerpc.deb
          Size/MD5: 1371458 4c9cf675b5e4d68b903bfc92f657137d
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6-dev_6.0.2.5-1ubuntu1.4_powerpc.deb
          Size/MD5: 225366 5772b0ce2aa584a9030bbbe4388b3f95
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick++6_6.0.2.5-1ubuntu1.4_powerpc.deb
          Size/MD5: 154678 01f57a326e5fd9785fd1c9e7aecacc8d
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6-dev_6.0.2.5-1ubuntu1.4_powerpc.deb
          Size/MD5: 1660840 ee31f265a2129e7a9da5b9c26dd35910
        http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/libmagick6_6.0.2.5-1ubuntu1.4_powerpc.deb
          Size/MD5: 1151880 9612131ca3b44c2c6f22b3a751143297
        http://security.ubuntu.com/ubuntu/pool/universe/i/imagemagick/perlmagick_6.0.2.5-1ubuntu1.4_powerpc.deb
          Size/MD5: 136294 eb63a44b42367710ec5fd91fedb369e2

    
    



  • Next message: Eric Windisch: "Re: [Full-Disclosure] Windows Registry Analzyer"

    Relevant Pages

    • [Full-Disclosure] [USN-62-1] imagemagick vulnerability
      ... imagemagick vulnerability ... Ubuntu 4.10 ... The following packages are affected: ... might lead to privilege escalation (execute code with the printer ...
      (Full-Disclosure)
    • [USN-62-1] imagemagick vulnerability
      ... imagemagick vulnerability ... Ubuntu 4.10 ... The following packages are affected: ... might lead to privilege escalation (execute code with the printer ...
      (Bugtraq)
    • [USN-62-1] imagemagick vulnerability
      ... imagemagick vulnerability ... Ubuntu 4.10 ... The following packages are affected: ... might lead to privilege escalation (execute code with the printer ...
      (Full-Disclosure)
    • [Full-disclosure] [USN-132-1] ImageMagick vulnerabilities
      ... Ubuntu 4.10 ... resulted in a crash of the application that used the ImageMagick ... Updated packages for Ubuntu 4.10: ... amd64 architecture ...
      (Full-Disclosure)
    • [Full-Disclosure] [USN-7-1] imagemagick vulnerability
      ... The following packages are affected: ... The problem can be corrected by upgrading the affected package to ... discovered in imagemagick versions prior to 6.1.0. ... might lead to privilege escalation (execute code with the printer ...
      (Full-Disclosure)