Test Kennung:	1.3.6.1.4.1.25623.1.0.703580
Kategorie:	Debian Local Security Checks
Titel:	Debian Security Advisory DSA 3580-1 (imagemagick - security update)
Zusammenfassung:	Nikolay Ermishkin from the Mail.Ru Security;Team and Stewie discovered several vulnerabilities in ImageMagick, a program suite for;image manipulation. These vulnerabilities, collectively known as ImageTragick,;are the consequence of lack of sanitization of untrusted input. An;attacker with control on the image input could, with the privileges of;the user running the application, execute code;(CVE-2016-3714), make HTTP;GET or FTP requests (CVE-2016-3718),;or delete (CVE-2016-3715), move;(CVE-2016-3716), or read;(CVE-2016-3717;) local files.;;These vulnerabilities are particularly critical if Imagemagick processes;images coming from remote parties, such as part of a web service.;;The update disables the vulnerable coders (EPHEMERAL, URL, MVG, MSL, and;PLT) and indirect reads via /etc/ImageMagick-6/policy.xml file. In;addition, we introduce extra preventions, including some sanitization for;input filenames in http/https delegates, the full remotion of PLT/Gnuplot;decoder, and the need of explicit reference in the filename for the;insecure coders.
Beschreibung:	Summary: Nikolay Ermishkin from the Mail.Ru Security Team and Stewie discovered several vulnerabilities in ImageMagick, a program suite for image manipulation. These vulnerabilities, collectively known as ImageTragick, are the consequence of lack of sanitization of untrusted input. An attacker with control on the image input could, with the privileges of the user running the application, execute code (CVE-2016-3714), make HTTP GET or FTP requests (CVE-2016-3718), or delete (CVE-2016-3715), move (CVE-2016-3716), or read (CVE-2016-3717 ) local files. These vulnerabilities are particularly critical if Imagemagick processes images coming from remote parties, such as part of a web service. The update disables the vulnerable coders (EPHEMERAL, URL, MVG, MSL, and PLT) and indirect reads via /etc/ImageMagick-6/policy.xml file. In addition, we introduce extra preventions, including some sanitization for input filenames in http/https delegates, the full remotion of PLT/Gnuplot decoder, and the need of explicit reference in the filename for the insecure coders. Affected Software/OS: imagemagick on Debian Linux Solution: For the stable distribution (jessie), these problems have been fixed in version 8:6.8.9.9-5+deb8u2. We recommend that you upgrade your imagemagick packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3714 BugTraq ID: 89848 http://www.securityfocus.com/bid/89848 Bugtraq: 20160513 May 2016 - HipChat Server - Critical Security Advisory (Google Search) http://www.securityfocus.com/archive/1/538378/100/0/threaded CERT/CC vulnerability note: VU#250519 https://www.kb.cert.org/vuls/id/250519 Debian Security Information: DSA-3580 (Google Search) http://www.debian.org/security/2016/dsa-3580 Debian Security Information: DSA-3746 (Google Search) http://www.debian.org/security/2016/dsa-3746 https://www.exploit-db.com/exploits/39767/ https://www.exploit-db.com/exploits/39791/ https://security.gentoo.org/glsa/201611-21 http://packetstormsecurity.com/files/152364/ImageTragick-ImageMagick-Proof-Of-Concepts.html http://www.rapid7.com/db/modules/exploit/unix/fileformat/imagemagick_delegate https://imagetragick.com/ http://www.openwall.com/lists/oss-security/2016/05/03/13 http://www.openwall.com/lists/oss-security/2016/05/03/18 RedHat Security Advisories: RHSA-2016:0726 http://rhn.redhat.com/errata/RHSA-2016-0726.html http://www.securitytracker.com/id/1035742 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568 SuSE Security Announcement: SUSE-SU-2016:1260 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html SuSE Security Announcement: SUSE-SU-2016:1275 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html SuSE Security Announcement: SUSE-SU-2016:1301 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00041.html SuSE Security Announcement: openSUSE-SU-2016:1261 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html SuSE Security Announcement: openSUSE-SU-2016:1266 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html SuSE Security Announcement: openSUSE-SU-2016:1326 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html http://www.ubuntu.com/usn/USN-2990-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-3715 BugTraq ID: 89852 http://www.securityfocus.com/bid/89852 Common Vulnerability Exposure (CVE) ID: CVE-2016-3716 https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html Common Vulnerability Exposure (CVE) ID: CVE-2016-3717 Common Vulnerability Exposure (CVE) ID: CVE-2016-3718
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.