OSVDB ID: 22121

Title: ImageMagick Delegate Code Multiple Utility Crafted File Name Arbitrary Shell Command Injection

Info

Disclosure: Dec 29, 2005
Discovery: Unknown

Dates

Exploit: Dec 29, 2005
Solution: Unknown

Description

Various ImageMagick utilities fail to correctly validate image file names. The issue is triggered when a file name passed to one of these utilities contains specially crafted shell commands. The flaw may allow execution of arbitrary shell commands, resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to work around the flaw by not using ImageMagick to open files with suspicious-looking names.

Products

ImageMagick Studio LLC

ImageMagick

6.2.4.5

References

Credit

  • Florian Weimer - fwdeneb.enyo.de


Direct URL: http://osvdb.org/22121