SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Multimedia)  >   ImageMagick Vendors:   ImageMagick.org
(Debian Issues Fix) ImageMagick BMP Decoding Buffer Overflow Lets Remote Users Crash the Application
SecurityTracker Alert ID:  1011326
SecurityTracker URL:  http://securitytracker.com/id/1011326
CVE Reference:   CVE-2004-0827   (Links to External Site)
Date:  Sep 16 2004
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 6.0.6-2
Description:   A buffer overflow vulnerability was reported in ImageMagick. A remote user can cause ImageMagick to crash.

The vendor reported that a remote user can create a specially crafted BMP image file containing runlength-encoded images that, when decoded by the target user, will cause ImageMagick to crash.

A demonstration exploit image is available at:

http://bugzilla.gnome.org/attachment.cgi?id=30933&action=view

Impact:   A remote user can create a BMP file that, when decoded by the target user, will cause ImageMagick to crash.
Solution:   Debian has released a fix for the stable distribution (woody) in version 5.4.4.5-1woody3 and for the unstable distribution (sid) in version 6.0.6.2-1.
Vendor URL:  www.imagemagick.org/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Debian)
Underlying OS Comments:  3.0

Message History:   This archive entry is a follow-up to the message listed below.
Aug 31 2004 ImageMagick BMP Decoding Buffer Overflow Lets Remote Users Crash the Application



 Source Message Contents

Subject:  [SECURITY] [DSA 547-1] New Imagemagic packages fix buffer overflows


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 547-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
September 16th, 2004                    http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : imagemagic
Vulnerability  : buffer overflows
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0827
Debian Bug     : 268357

Marcus Meissner from SUSE has discovered several buffer overflows in
the ImageMagick graphics library.  An attacker could create a
malicious image or video file in AVI, BMP, or DIB format that could
crash the reading process.  It might be possible that carefully
crafted images could also allow to execute arbitrary code with the
capabilities of the invoking process.

For the stable distribution (woody) this problem has been fixed in
version 5.4.4.5-1woody3.

For the unstable distribution (sid) this problem has been fixed in
version 6.0.6.2-1.

We recommend that you upgrade your imagemagick packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3.dsc
      Size/MD5 checksum:      852 bd30219ef391bf92ddd1d9440bb204c8
    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3.diff.gz
      Size/MD5 checksum:    15029 919a9ce109d79cbd46be07600659ad23
    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5.orig.tar.gz
      Size/MD5 checksum:  3901237 f35e356b4ac1ebc58e3cffa7ea7abc07

  Alpha architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3_alpha.deb
      Size/MD5 checksum:  1309670 da500b46b1267ff4d03976e308065acd
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody3_alpha.deb
      Size/MD5 checksum:   154074 6971608db558ff0782c3ad0ae009462c
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody3_alpha.deb
      Size/MD5 checksum:    56140 092caa97de894d81df0140dd2b28dae4
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody3_alpha.deb
      Size/MD5 checksum:   833318 10bbbd147658ead4decfda1df4e18a1d
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody3_alpha.deb
      Size/MD5 checksum:    67182 12ff257149eabf085a6dfce68053f402
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody3_alpha.deb
      Size/MD5 checksum:   113698 9f081ff178091a2e608d067790d01436

  ARM architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3_arm.deb
      Size/MD5 checksum:  1296992 05fa897edf7b0d89995491f4ba449688
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody3_arm.deb
      Size/MD5 checksum:   118588 6f9a48ee452713a8e55ab41be4ef470c
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody3_arm.deb
      Size/MD5 checksum:    56186 1ad5494d3584fcc8a0a5b80b8a393c03
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody3_arm.deb
      Size/MD5 checksum:   898494 f07051e3c12c743335abf1a0485cf03c
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody3_arm.deb
      Size/MD5 checksum:    67226 fdf2758a658b2327166a757e69b47851
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody3_arm.deb
      Size/MD5 checksum:   109822 9b76a15b68ae88c118c589e33db86b96

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3_i386.deb
      Size/MD5 checksum:  1295002 649843a11bd6e67e716a7b428a003ed7
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody3_i386.deb
      Size/MD5 checksum:   122680 df5253599920dcc08e930b9fb066f5ab
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody3_i386.deb
      Size/MD5 checksum:    56154 c88abf1babb06cbf1fb331867e07b0f7
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody3_i386.deb
      Size/MD5 checksum:   772402 b4af59f9a6b39ba622f7044a6c803098
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody3_i386.deb
      Size/MD5 checksum:    67192 93da49b34877c0d0a1cc5401d015f3ec
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody3_i386.deb
      Size/MD5 checksum:   106814 31e28aa6bb9018089636a765542292f4

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3_ia64.deb
      Size/MD5 checksum:  1336076 83a4c1a3cb25f72329af8c1911155364
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody3_ia64.deb
      Size/MD5 checksum:   136966 32bcfb89db6ef6303259b89690f6b34a
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody3_ia64.deb
      Size/MD5 checksum:    56144 cc7a6e8c841953f5c2f28172f3339bdf
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody3_ia64.deb
      Size/MD5 checksum:  1359876 b859f2de467d20bc88a49d5255113518
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody3_ia64.deb
      Size/MD5 checksum:    67184 b1c6c79044eaee12ea665e838173e644
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody3_ia64.deb
      Size/MD5 checksum:   132808 64357db2d047e28efb6ecf34712f81d4

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3_hppa.deb
      Size/MD5 checksum:  1297246 d91a93010d0a9b06ef2e7e7c24067eab
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody3_hppa.deb
      Size/MD5 checksum:   132754 d94ce1833a7622ec7cb1e87e1f7d4d1f
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody3_hppa.deb
      Size/MD5 checksum:    56178 227dc8a44dec7c8f5ffd7d04d007bf5a
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody3_hppa.deb
      Size/MD5 checksum:   859610 5e31aa4f3847a122c9b028a7e4cc53c2
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody3_hppa.deb
      Size/MD5 checksum:    67224 1aa9441ecd0df3be9c9c521c023235f4
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody3_hppa.deb
      Size/MD5 checksum:   117068 569cddc344832c2651a09302adcb4be9

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3_m68k.deb
      Size/MD5 checksum:  1292374 d33d961d168fa1da3e81258593f6cad1
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody3_m68k.deb
      Size/MD5 checksum:   133904 818babd031d9464983228be672f3ba63
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody3_m68k.deb
      Size/MD5 checksum:    56194 62f0e0c37d37def3276b472748baf09c
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody3_m68k.deb
      Size/MD5 checksum:   751662 f15c730f9e533099c4a4fffc43b97320
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody3_m68k.deb
      Size/MD5 checksum:    67248 e745b4e81854b018b410351f06d4f9f5
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody3_m68k.deb
      Size/MD5 checksum:   107322 00fa726acbc7db8761babcf7c3f12b6c

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3_mips.deb
      Size/MD5 checksum:  1294824 e1c5c5962301328b006f84d9f4552473
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody3_mips.deb
      Size/MD5 checksum:   120156 e8682a8b9ae6add5268a36d40c7cf60c
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody3_mips.deb
      Size/MD5 checksum:    56204 39898ed1a2842b4af52cecb46dc11e01
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody3_mips.deb
      Size/MD5 checksum:   732964 a4fb5327892e275223584dac87fd5f70
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody3_mips.deb
      Size/MD5 checksum:    67238 08cab47dc272d5c79268616d4cfdafc4
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody3_mips.deb
      Size/MD5 checksum:   103238 74db9479973dd03fa2043b86c09e6f54

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3_mipsel.deb
      Size/MD5 checksum:  1294630 0567612bd39cbb9e112305e981f3dddb
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody3_mipsel.deb
      Size/MD5 checksum:   113644 9f02d8c68dc3a3ec3ac1a0bbefaf3cd4
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody3_mipsel.deb
      Size/MD5 checksum:    56188 197d278743e9a63d2965debf6307e229
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody3_mipsel.deb
      Size/MD5 checksum:   720946 267d45b9082758cb6d248d4835d7a906
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody3_mipsel.deb
      Size/MD5 checksum:    67222 9288acd5cf8e0d954a698a57490bdf9f
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody3_mipsel.deb
      Size/MD5 checksum:   102766 8c1f9380559702fc5763cc3591d289a6

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3_powerpc.deb
      Size/MD5 checksum:  1291356 13b81750624a3251a6bf6c73a41ddffc
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody3_powerpc.deb
      Size/MD5 checksum:   135816 6bb64246e67de0778d6f92f126e6cedd
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody3_powerpc.deb
      Size/MD5 checksum:    56162 7f8990171bc17c386d1fd59f76d8d0f5
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody3_powerpc.deb
      Size/MD5 checksum:   785946 30216abae843bfb90a40ed0e54899648
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody3_powerpc.deb
      Size/MD5 checksum:    67212 a42b2482a1cabaeaba2a0464bd50d197
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody3_powerpc.deb
      Size/MD5 checksum:   111830 a2b06d2e30c5acb8384896d66cd6ec56

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3_s390.deb
      Size/MD5 checksum:  1292026 87ad365ff0f76a959d15e6791099861e
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody3_s390.deb
      Size/MD5 checksum:   131922 b592d2de28c42fad73003745620ba6a6
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody3_s390.deb
      Size/MD5 checksum:    56168 27d05d99677a8f05814991d6c54d3125
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody3_s390.deb
      Size/MD5 checksum:   777904 28d8e1d90473b7fd9de7008133826106
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody3_s390.deb
      Size/MD5 checksum:    67210 bc6bc6951ac1845ad2c2576ba12b4144
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody3_s390.deb
      Size/MD5 checksum:   108872 3a9b40bd966e82e72b6083933257b108

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/i/imagemagick/imagemagick_5.4.4.5-1woody3_sparc.deb
      Size/MD5 checksum:  1295066 75a65f7dc635c36b0e106f320fc003b9
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5_5.4.4.5-1woody3_sparc.deb
      Size/MD5 checksum:   123762 f1e8dd9d054f5c6720ef3a72e9292956
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick++5-dev_5.4.4.5-1woody3_sparc.deb
      Size/MD5 checksum:    56180 aab8608e0ebb8bfb114517afb32731bf
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5_5.4.4.5-1woody3_sparc.deb
      Size/MD5 checksum:   802498 afed76b4789398a8844af142ded2612c
    http://security.debian.org/pool/updates/main/i/imagemagick/libmagick5-dev_5.4.4.5-1woody3_sparc.deb
      Size/MD5 checksum:    67216 99ac5d6fd3dabef7acec81b29a90fc9c
    http://security.debian.org/pool/updates/main/i/imagemagick/perlmagick_5.4.4.5-1woody3_sparc.deb
      Size/MD5 checksum:   112778 b263339035dad232832a8b48dc221ed8


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBSWaXW5ql+IAeqTIRAj1ZAJ9VR7hkBDz+AmfPv+Bw2JwccVYEZACfVKIl
3Pm+0xstcyvYu2/r9aIc7wc=
=+X6V
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC