SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Generic)  >   ImageMagick
Vendors:   ImageMagick.org
(CentOS Issues Fix) ImageMagick File Processing Input Validation Flaw Lets Remote Users Read/Move/Delete Arbitrary Files and Execute Arbitrary Commands
SecurityTracker Alert ID:  1035807
SecurityTracker URL:  http://securitytracker.com/id/1035807
CVE Reference:   CVE-2016-3714, CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, CVE-2016-3718
Date:  May 9 2016
Impact:   Disclosure of system information, Execution of arbitrary code via network, Host/resource access via network, Modification of system information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 6.9.3-10, 7.0.1-1
Description:   Several vulnerabilities were reported in ImageMagick. A remote user can cause arbitrary commands to be executed on the target user's system. A remote user can read, move, and delete arbitrary files on the target system.

The software does not properly filter parameters processed by the delegate command. A remote user can create a specially crafted image file that, when processed by the target application using ImageMagick, will trigger an input validation flaw and execute arbitrary shell commands on the target system [CVE-2016-3714]. The code will run with the privileges of the target application.

The MVG, HTTPS, EPHEMERAL, and MSL coders are affected.

Nikolay Ermishkin (Mail.Ru Security Team) and stewie reported this vulnerability.

A remote user can create a specially crafted image file that, when processed by the target application using ImageMagick, will delete arbitrary files on the target system [CVE-2016-3715]. The EPHEMERAL coder is affected.

A remote user can create a specially crafted image file that, when processed by the target application using ImageMagick, will move arbitrary files on the target system [CVE-2016-3716]. The MSL coder is affected.

A remote user can create a specially crafted image file that, when processed by the target application using ImageMagick, will read arbitrary files on the target system [CVE-2016-3717]. The LABEL coder is affected.

A remote user can create a specially crafted image file that, when processed by the target application using ImageMagick, will conduct server-side request forgery attacks [CVE-2016-3718]. The HTTP and FTP coders are affected.
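The vendor fix below replaces the affected packages, but ImageMagick also ships a policy file (policy.xml) whose "coder" domain can deny individual coders and whose "path" domain can deny "@filename" indirection, which is the channel the LABEL coder uses to read files. The following is an added example, not part of this advisory, of CentOS, or of ImageMagick itself: it parses a policy.xml and reports which of the coders named above are still permitted and whether "@" file reads are blocked. The policy file path, the sample policies, and the glob/case-insensitive matching of patterns are assumptions made here; check them against the policy handling of the installed ImageMagick version.

```python
"""Audit an ImageMagick policy.xml for the coder and path restrictions that
mitigate CVE-2016-3714 through CVE-2016-3718.

Added example for this advisory; not code from SecurityTracker, CentOS or
ImageMagick.  Sample policies below are constructed for illustration.
"""
import fnmatch
import sys
import xml.etree.ElementTree as ET

# Coders the advisory names as affected.
AFFECTED_CODERS = ("MVG", "HTTPS", "EPHEMERAL", "MSL", "LABEL", "HTTP", "FTP")

# Assumed default location; distributions differ (e.g. /etc/ImageMagick-6/).
DEFAULT_POLICY_PATH = "/etc/ImageMagick/policy.xml"


def _policies(policy_xml: str):
    """Yield (domain, rights, pattern) for every <policy> element."""
    root = ET.fromstring(policy_xml)
    for policy in root.iter("policy"):
        yield (policy.get("domain", "").strip().lower(),
               policy.get("rights", "").strip().lower(),
               policy.get("pattern", "").strip())


def disabled_coder_patterns(policy_xml: str) -> set:
    """Patterns of coder-domain policies that grant no rights at all."""
    return {pattern.upper() for domain, rights, pattern in _policies(policy_xml)
            if domain == "coder" and rights == "none" and pattern}


def unmitigated_coders(policy_xml: str, coders=AFFECTED_CODERS) -> list:
    """Affected coders not covered by any rights="none" coder policy.

    Assumption: patterns match case-insensitively and may contain shell-style
    globs such as "*", so a single pattern="*" policy covers every coder.
    """
    patterns = disabled_coder_patterns(policy_xml)
    return [coder for coder in coders
            if not any(fnmatch.fnmatchcase(coder, p) for p in patterns)]


def blocks_at_file_reads(policy_xml: str) -> bool:
    """True if a path-domain policy denies the "@*" pattern, i.e. the
    "@filename" indirection that lets text coders such as LABEL read files."""
    return any(domain == "path" and rights == "none" and pattern == "@*"
               for domain, rights, pattern in _policies(policy_xml))


def audit(policy_xml: str) -> dict:
    """Summarise both checks for a policy document."""
    return {"unmitigated_coders": unmitigated_coders(policy_xml),
            "at_file_reads_blocked": blocks_at_file_reads(policy_xml)}


# Constructed sample: a policy that only sets a resource limit.
WEAK_POLICY = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
</policymap>
"""

# Constructed sample: the same file with every affected coder denied and
# "@filename" indirection denied.  Denying LABEL also breaks legitimate
# label: rendering, so weigh that against the exposure of your application.
HARDENED_POLICY = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
  <policy domain="coder" rights="none" pattern="EPHEMERAL"/>
  <policy domain="coder" rights="none" pattern="HTTPS"/>
  <policy domain="coder" rights="none" pattern="HTTP"/>
  <policy domain="coder" rights="none" pattern="FTP"/>
  <policy domain="coder" rights="none" pattern="MVG"/>
  <policy domain="coder" rights="none" pattern="MSL"/>
  <policy domain="coder" rights="none" pattern="LABEL"/>
  <policy domain="path" rights="none" pattern="@*"/>
</policymap>
"""


if __name__ == "__main__":
    # Audit a real file when given a path, otherwise the constructed samples.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            print(sys.argv[1], audit(fh.read()))
    else:
        print("weak sample:", audit(WEAK_POLICY))
        print("hardened sample:", audit(HARDENED_POLICY))
```

Run it as `python audit_policy.py /etc/ImageMagick/policy.xml` (adjusting the path for the installed version). An empty `unmitigated_coders` list together with `at_file_reads_blocked` being true means the policy denies everything this advisory names; a non-empty list names the coders that the package update alone is being relied on to protect.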

Impact:   A remote user can create content that, when processed by the target application, will read, move, or delete arbitrary files or execute arbitrary code on the target user's system.

A remote user can create content that, when processed by the target application, will conduct server-side request forgery attacks.

Solution:   CentOS has issued a fix.

i386:
9927fd325b74569be047a6764c1d7cf869b3d1025d23a457359e6e717aca7f7f ImageMagick-6.7.2.7-4.el6_7.i686.rpm
8a047d350978287a19487f84f2957e234acb90c2f848ea7f501f06b622ed3490 ImageMagick-c++-6.7.2.7-4.el6_7.i686.rpm
3bbf614460cf0b3d5aba00d191c3dec52e739a4435652f4a2bd73d205a2017bf ImageMagick-c++-devel-6.7.2.7-4.el6_7.i686.rpm
a10d5765d6dd94177fb308c647b4450b3e8ec798a3a9128e29b22f49242486d7 ImageMagick-devel-6.7.2.7-4.el6_7.i686.rpm
fb886cacd41e0148a70c76a8777f825928418a257295b235120f10c59838096b ImageMagick-doc-6.7.2.7-4.el6_7.i686.rpm
832476e5b7b7e05727bd0985d5c9712fb7b8a4971fd74ee7b04a880e64f81891 ImageMagick-perl-6.7.2.7-4.el6_7.i686.rpm

x86_64:
9927fd325b74569be047a6764c1d7cf869b3d1025d23a457359e6e717aca7f7f ImageMagick-6.7.2.7-4.el6_7.i686.rpm
369a736262ae06bb836fe5c5969f8f54b7617b360671daf8754328fb2a9ca232 ImageMagick-6.7.2.7-4.el6_7.x86_64.rpm
8a047d350978287a19487f84f2957e234acb90c2f848ea7f501f06b622ed3490 ImageMagick-c++-6.7.2.7-4.el6_7.i686.rpm
4acc2bc7ec94428a27d4bd8e90eb30992dcdacf442832a94900fafdee2bba161 ImageMagick-c++-6.7.2.7-4.el6_7.x86_64.rpm
3bbf614460cf0b3d5aba00d191c3dec52e739a4435652f4a2bd73d205a2017bf ImageMagick-c++-devel-6.7.2.7-4.el6_7.i686.rpm
a03fe5caeda8b2b3fac19f667c7e8350c02254ec87348ef1a151e849ae089fee ImageMagick-c++-devel-6.7.2.7-4.el6_7.x86_64.rpm
a10d5765d6dd94177fb308c647b4450b3e8ec798a3a9128e29b22f49242486d7 ImageMagick-devel-6.7.2.7-4.el6_7.i686.rpm
8e0fbfe3affcc5f17ecb3073fca57f983b8ea2c2743adcdad384bba29928924b ImageMagick-devel-6.7.2.7-4.el6_7.x86_64.rpm
190d9f774cec3c009c6d3951e4994e593d923c4f016651a5330f42dc2c0a1657 ImageMagick-doc-6.7.2.7-4.el6_7.x86_64.rpm
6a965e6643de5e0c94036383af7901290fa2734308e9772eed371ca5bb160207 ImageMagick-perl-6.7.2.7-4.el6_7.x86_64.rpm

Source:
c4aebf2997a43af87c792a7face16c8f259a251394d7738193a2f4151ea542ec ImageMagick-6.7.2.7-4.el6_7.src.rpm

x86_64:
b2a8db29fe7b4fed1c7b9378359d4c88a01211bed166e3ff5add087615b77df9 ImageMagick-6.7.8.9-13.el7_2.i686.rpm
d068e1c6d31b60033be4c8205309f9a5c1420019fe6bae641aa7b6c553aa127d ImageMagick-6.7.8.9-13.el7_2.x86_64.rpm
6939732c18e646c7ba7d289d95828b3f74172e9c004d9e512310cd3e7476c23e ImageMagick-c++-6.7.8.9-13.el7_2.i686.rpm
2e50209e93c304321cb577f7e11d44dd539118b31bca513cdf61443caba34fb4 ImageMagick-c++-6.7.8.9-13.el7_2.x86_64.rpm
554809e95be406955a731c317a6f935f4f82558532c57dccf58116fed22d26f4 ImageMagick-c++-devel-6.7.8.9-13.el7_2.i686.rpm
c578b58a366f5f381b78293dc72912c8b0b31ef9054f554658dcea653dcd6dab ImageMagick-c++-devel-6.7.8.9-13.el7_2.x86_64.rpm
2f30e966f0ee5bf8fe62501f05c68823a8f967918ebd0ac311c40c671fbfade7 ImageMagick-devel-6.7.8.9-13.el7_2.i686.rpm
d99df1ef40cf16a8e3959a4aeeb61c344ee2e8b868354c39001113ac6b70d9c6 ImageMagick-devel-6.7.8.9-13.el7_2.x86_64.rpm
a7e225d874a23b4b8beee504b36b7ea7c4c7d11799e0eabea3a63fe0a1efcd31 ImageMagick-doc-6.7.8.9-13.el7_2.x86_64.rpm
60661e05092b8494bb876eff3e61d5b31b303890ad6713967252fb8078c5e2b8 ImageMagick-perl-6.7.8.9-13.el7_2.x86_64.rpm

Source:
e4ed13a3eb5d110d9131d65327d8190839bc22c779c472d355d0d7ce7af10cd2 ImageMagick-6.7.8.9-13.el7_2.src.rpm

Cause:   Input validation error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  6, 7

Message History:   This archive entry is a follow-up to the message listed below.
May 4 2016 ImageMagick File Processing Input Validation Flaw Lets Remote Users Read/Move/Delete Arbitrary Files and Execute Arbitrary Commands



Source Message Contents

Subject:  [CentOS-announce] CESA-2016:0726 Important CentOS 7 ImageMagick Security Update


CentOS Errata and Security Advisory 2016:0726 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0726.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
b2a8db29fe7b4fed1c7b9378359d4c88a01211bed166e3ff5add087615b77df9  ImageMagick-6.7.8.9-13.el7_2.i686.rpm
d068e1c6d31b60033be4c8205309f9a5c1420019fe6bae641aa7b6c553aa127d  ImageMagick-6.7.8.9-13.el7_2.x86_64.rpm
6939732c18e646c7ba7d289d95828b3f74172e9c004d9e512310cd3e7476c23e  ImageMagick-c++-6.7.8.9-13.el7_2.i686.rpm
2e50209e93c304321cb577f7e11d44dd539118b31bca513cdf61443caba34fb4  ImageMagick-c++-6.7.8.9-13.el7_2.x86_64.rpm
554809e95be406955a731c317a6f935f4f82558532c57dccf58116fed22d26f4  ImageMagick-c++-devel-6.7.8.9-13.el7_2.i686.rpm
c578b58a366f5f381b78293dc72912c8b0b31ef9054f554658dcea653dcd6dab  ImageMagick-c++-devel-6.7.8.9-13.el7_2.x86_64.rpm
2f30e966f0ee5bf8fe62501f05c68823a8f967918ebd0ac311c40c671fbfade7  ImageMagick-devel-6.7.8.9-13.el7_2.i686.rpm
d99df1ef40cf16a8e3959a4aeeb61c344ee2e8b868354c39001113ac6b70d9c6  ImageMagick-devel-6.7.8.9-13.el7_2.x86_64.rpm
a7e225d874a23b4b8beee504b36b7ea7c4c7d11799e0eabea3a63fe0a1efcd31  ImageMagick-doc-6.7.8.9-13.el7_2.x86_64.rpm
60661e05092b8494bb876eff3e61d5b31b303890ad6713967252fb8078c5e2b8  ImageMagick-perl-6.7.8.9-13.el7_2.x86_64.rpm

Source:
e4ed13a3eb5d110d9131d65327d8190839bc22c779c472d355d0d7ce7af10cd2  ImageMagick-6.7.8.9-13.el7_2.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

Copyright 2019, SecurityGlobal.net LLC