Test ID: 1.3.6.1.4.1.25623.1.0.57314
Category: Mandrake Local Security Checks
Title: Mandrake Security Advisory MDKSA-2006:155 (ImageMagick)
Summary: NOSUMMARY
Description:

The remote host is missing an update to ImageMagick
announced via advisory MDKSA-2006:155.

Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted
attackers to execute arbitrary code via crafted XCF images. (CVE-2006-3743)

Multiple integer overflows in ImageMagick before 6.2.9 allow user-assisted
attackers to execute arbitrary code via crafted Sun bitmap images that trigger
heap-based buffer overflows. (CVE-2006-3744)

Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before
6.2.9 allows user-assisted attackers to cause a denial of service (crash)
and possibly execute arbitrary code via large (1) bytes_per_pixel, (2)
columns, and (3) rows values, which trigger a heap-based buffer overflow.
(CVE-2006-4144)

The updated packages have been patched to correct these issues.

Affected: 2006.0, Corporate 3.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:155

Risk factor : High

CVSS Score:
5.1

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2006-3743
1016749
http://securitytracker.com/id?1016749
19697
http://www.securityfocus.com/bid/19697
20060901-01-P
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
21615
http://secunia.com/advisories/21615
21621
http://secunia.com/advisories/21621
21671
http://secunia.com/advisories/21671
21679
http://secunia.com/advisories/21679
21719
http://secunia.com/advisories/21719
21780
http://secunia.com/advisories/21780
21832
http://secunia.com/advisories/21832
22036
http://secunia.com/advisories/22036
22096
http://secunia.com/advisories/22096
28205
http://www.osvdb.org/28205
ADV-2006-3375
http://www.vupen.com/english/advisories/2006/3375
DSA-1168
http://www.debian.org/security/2006/dsa-1168
GLSA-200609-14
http://security.gentoo.org/glsa/glsa-200609-14.xml
MDKSA-2006:155
http://www.mandriva.com/security/advisories?name=MDKSA-2006:155
RHSA-2006:0633
http://www.redhat.com/support/errata/RHSA-2006-0633.html
SUSE-SA:2006:050
http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html
USN-340-1
http://www.ubuntu.com/usn/usn-340-1
http://bugs.gentoo.org/show_bug.cgi?id=144854
https://issues.rpath.com/browse/RPL-605
imagemagick-propuserunit-bo(28575)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28575
oval:org.mitre.oval:def:9895
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9895
Common Vulnerability Exposure (CVE) ID: CVE-2006-3744
19699
http://www.securityfocus.com/bid/19699
28204
http://www.osvdb.org/28204
imagemagick-rasterfile-bo(28574)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28574
oval:org.mitre.oval:def:11486
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11486
Common Vulnerability Exposure (CVE) ID: CVE-2006-4144
BugTraq ID: 19507
http://www.securityfocus.com/bid/19507
Bugtraq: 20060814 [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow (Google Search)
http://www.securityfocus.com/archive/1/443208/100/0/threaded
Bugtraq: 20060816 Re: [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow (Google Search)
http://www.securityfocus.com/archive/1/443362/100/0/threaded
Debian Security Information: DSA-1213 (Google Search)
http://www.debian.org/security/2006/dsa-1213
http://www.overflow.pl/adv/imsgiheap.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11129
http://securitytracker.com/id?1016699
http://secunia.com/advisories/21462
http://secunia.com/advisories/21525
http://secunia.com/advisories/22998
SGI Security Advisory: 20060901-01-P
http://securityreason.com/securityalert/1385
SuSE Security Announcement: SUSE-SA:2006:050 (Google Search)
http://www.ubuntu.com/usn/usn-337-1
XForce ISS Database: imagemagick-readsgiimage-bo(28372)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28372
Copyright: Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

© 1998-2025 E-Soft Inc. All rights reserved.