漏洞信息详情
Imagemagick 未明拒绝服务漏洞
- CNNVD编号:CNNVD-200503-126 <!--
- 危害等级: 中危-->
- 危害等级: 中危
- CVE编号: CVE-2005-0761
- 漏洞类型: 其他
- 发布时间: 2005-03-23
- 威胁类型: 远程
- 更新时间: 2005-10-20
- 厂 商: imagemagick
- 漏洞来源: Andrei Nigmatulin ...
-
漏洞简介
ImageMagick 6.1.8之前版本中存在未明漏洞,远程攻击者可以通过伪装的PSD文件实施拒绝服务攻击(应用程序崩溃)。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
RedHat Fedora Core2
Fedora ImageMagick-6.2.0.7-2.fc2.4.legacy.i386.rpm
RedHat Fedora Core 2
http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-6.2 .0.7-2.fc2.4.legacy.i386.rpm
Fedora ImageMagick-c++-6.2.0.7-2.fc2.4.legacy.i386.rpm
RedHat Fedora Core 2
http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-c++ -6.2.0.7-2.fc2.4.legacy.i386.rpm
Fedora ImageMagick-c++-devel-6.2.0.7-2.fc2.4.legacy.i386.rpm
RedHat Fedora Core 2
http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-c++ -devel-6.2.0.7-2.fc2.4.legacy.i386.rpm
Fedora ImageMagick-devel-6.2.0.7-2.fc2.4.legacy.i386.rpm
RedHat Fedora Core 2
http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-dev el-6.2.0.7-2.fc2.4.legacy.i386.rpm
Fedora ImageMagick-perl-6.2.0.7-2.fc2.4.legacy.i386.rpm
RedHat Fedora Core 2
http://download.fedoralegacy.org/fedora/2/updates/i386/ImageMagick-per l-6.2.0.7-2.fc2.4.legacy.i386.rpm
RedHat Fedora Core1
Fedora ImageMagick-5.5.6-13.legacy.i386.rpm
RedHat Fedora Core 1
http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-5.5 .6-13.legacy.i386.rpm
Fedora ImageMagick-c++-5.5.6-13.legacy.i386.rpm
RedHat Fedora Core 1
http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-c++ -5.5.6-13.legacy.i386.rpm
Fedora ImageMagick-c++-devel-5.5.6-13.legacy.i386.rpm
RedHat Fedora Core 1
http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-c++ -devel-5.5.6-13.legacy.i386.rpm
Fedora ImageMagick-devel-5.5.6-13.legacy.i386.rpm
RedHat Fedora Core 1
http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-dev el-5.5.6-13.legacy.i386.rpm
Fedora ImageMagick-perl-5.5.6-13.legacy.i386.rpm
RedHat Fedora Core 1
http://download.fedoralegacy.org/fedora/1/updates/i386/ImageMagick-per l-5.5.6-13.legacy.i386.rpm
ImageMagick ImageMagick 5.3.3
TurboLinux ImageMagick-5.3.3-5.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/ImageMagick-5.3.3-5.i586.rpm
TurboLinux ImageMagick-5.3.3-5.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/ImageMagick-5.3.3-5.i586.rpm
TurboLinux ImageMagick-devel-5.3.3-5.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/ImageMagick-devel-5.3.3-5.i586.rpm
TurboLinux ImageMagick-devel-5.3.3-5.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/ImageMagick-devel-5.3.3-5.i586.rpm
ImageMagick ImageMagick 5.4.3
TurboLinux ImageMagick-5.4.3-4.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/ImageMagick-5.4.3-4.i586.rpm
TurboLinux ImageMagick-devel-5.4.3-4.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/ImageMagick-devel-5.4.3-4.i586.rpm
参考网址
来源: BID
名称: 12876
链接:http://www.securityfocus.com/bid/12876
来源: SUSE
名称: SUSE-SA:2005:017
链接:http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html
来源: SECTRACK
名称: 1013550
链接:http://securitytracker.com/id?1013550
来源: REDHAT
名称: RHSA-2005:070
链接:http://rhn.redhat.com/errata/RHSA-2005-070.html
受影响实体
- Imagemagick Imagemagick:5.5.6.0_2003-04-09<!--2000-1-1-->
- Imagemagick Imagemagick:5.5.7<!--2000-1-1-->
- Imagemagick Imagemagick:6.0<!--2000-1-1-->
- Imagemagick Imagemagick:6.0.1<!--2000-1-1-->
补丁
暂无
还没有评论,来说两句吧...