ImageMagick Insecure Temporary File Creation Vulnerability - Secunia Advisories - Vulnerability Intelligence

ImageMagick Insecure Temporary File Creation Vulnerability
Secunia Advisory:	SA9140	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2003-06-30
Popularity:	7,713 views

Critical:	Less critical
Impact:	Privilege escalation
Where:	Local system
Solution Status:	Vendor Patch

OS:	Debian GNU/Linux 3.0 Debian GNU/Linux unstable alias sid

Software:	ImageMagick 5.x

Subscribe:	Instant alerts on relevant vulnerabilities

CVE reference:	CVE-2003-0455

Description: Debian has reported a vulnerability in ImageMagick, which can be exploited by malicious, local users to take certain actions on a vulnerable system with the privileges of another user. The problem is that the libmagick library may create temporary files insecurely. This can be exploited to to create or overwrite arbitrary files via a symlink attack if a user invokes a program linked to this library. Solution: Updated packages: -- Debian GNU/Linux 3.0 alias woody -- Source archives: http://security.debian.org/pool/updat...agick/imagemagick_5.4.4.5-1woody1.dsc Size/MD5 checksum: 852 d5287cb8bb5ebea7feb163dce7eb8745 http://security.debian.org/pool/updat...k/imagemagick_5.4.4.5-1woody1.diff.gz Size/MD5 checksum: 13713 97639f0bf3a5b64cdb64be4cad800b22 http://security.debian.org/pool/updat...agick/imagemagick_5.4.4.5.orig.tar.gz Size/MD5 checksum: 3901237 f35e356b4ac1ebc58e3cffa7ea7abc07 Alpha architecture: http://security.debian.org/pool/updat...imagemagick_5.4.4.5-1woody1_alpha.deb Size/MD5 checksum: 1309154 d10139392bc5d82619c80c91e9877e78 http://security.debian.org/pool/updat...ibmagick++5_5.4.4.5-1woody1_alpha.deb Size/MD5 checksum: 153872 54e5bef7b11b49db821d848dd1cdb46b http://security.debian.org/pool/updat...gick++5-dev_5.4.4.5-1woody1_alpha.deb Size/MD5 checksum: 55832 04c80b948497f84d9a8986a9129e0a1a http://security.debian.org/pool/updat.../libmagick5_5.4.4.5-1woody1_alpha.deb Size/MD5 checksum: 831150 02277cf6f610d47bc6b407891206a75c http://security.debian.org/pool/updat...magick5-dev_5.4.4.5-1woody1_alpha.deb Size/MD5 checksum: 66896 33e498a7e3feb84ae35c1fd8dcd6435e http://security.debian.org/pool/updat.../perlmagick_5.4.4.5-1woody1_alpha.deb Size/MD5 checksum: 113414 4bf9c2bbdd47c137c92e86f8e778c623 ARM architecture: http://security.debian.org/pool/updat...k/imagemagick_5.4.4.5-1woody1_arm.deb Size/MD5 checksum: 1296660 9e0819548f01c7423730043c37283fec http://security.debian.org/pool/updat.../libmagick++5_5.4.4.5-1woody1_arm.deb Size/MD5 checksum: 118278 e1b9d0198d61f6eb354f61f508d50220 http://security.debian.org/pool/updat...magick++5-dev_5.4.4.5-1woody1_arm.deb Size/MD5 checksum: 55870 9193725a617bd076e34678e8dc7870bb http://security.debian.org/pool/updat...ck/libmagick5_5.4.4.5-1woody1_arm.deb Size/MD5 checksum: 896558 2fbd372591d2b262c506ccdf6279dc13 http://security.debian.org/pool/updat...ibmagick5-dev_5.4.4.5-1woody1_arm.deb Size/MD5 checksum: 66928 54c4c1a1ea835fb28fc2bfdfac6fdd5c http://security.debian.org/pool/updat...ck/perlmagick_5.4.4.5-1woody1_arm.deb Size/MD5 checksum: 109542 241c0e1f3aa2014479591e7c90cc3e3e Intel IA-32 architecture: http://security.debian.org/pool/updat.../imagemagick_5.4.4.5-1woody1_i386.deb Size/MD5 checksum: 1294636 6ebfed48af04904c53cb3b167d35f8c9 http://security.debian.org/pool/updat...libmagick++5_5.4.4.5-1woody1_i386.deb Size/MD5 checksum: 122406 a2a44e6b90b4661cbdce947dbb5cea6d http://security.debian.org/pool/updat...agick++5-dev_5.4.4.5-1woody1_i386.deb Size/MD5 checksum: 55866 73beac80a24ce0f7ad7a8b00c3d23360 http://security.debian.org/pool/updat...k/libmagick5_5.4.4.5-1woody1_i386.deb Size/MD5 checksum: 769968 0999159912077ffa4e6e9b1a813d06f9 http://security.debian.org/pool/updat...bmagick5-dev_5.4.4.5-1woody1_i386.deb Size/MD5 checksum: 66918 68190ab0bd2c82b347e250c39580e810 http://security.debian.org/pool/updat...k/perlmagick_5.4.4.5-1woody1_i386.deb Size/MD5 checksum: 106550 da18e85a4ab5120c0e6a14a900628ce5 Intel IA-64 architecture: http://security.debian.org/pool/updat.../imagemagick_5.4.4.5-1woody1_ia64.deb Size/MD5 checksum: 1335610 9836eb7439f6b806a4c06f314922d03a http://security.debian.org/pool/updat...libmagick++5_5.4.4.5-1woody1_ia64.deb Size/MD5 checksum: 136736 3b5d3b07566eebebed117e27d6c70880 http://security.debian.org/pool/updat...agick++5-dev_5.4.4.5-1woody1_ia64.deb Size/MD5 checksum: 55826 7b1ae8505a7b66b917a705abddbb8337 http://security.debian.org/pool/updat...k/libmagick5_5.4.4.5-1woody1_ia64.deb Size/MD5 checksum: 1354912 9f7cb7031b17c60110b6b807c4976c65 http://security.debian.org/pool/updat...bmagick5-dev_5.4.4.5-1woody1_ia64.deb Size/MD5 checksum: 66888 915675cc1be6c2ec1aa1c2317f287ab0 http://security.debian.org/pool/updat...k/perlmagick_5.4.4.5-1woody1_ia64.deb Size/MD5 checksum: 132546 8e91d9b19ea31dfc5ab8082bf4d424c2 HP Precision architecture: http://security.debian.org/pool/updat.../imagemagick_5.4.4.5-1woody1_hppa.deb Size/MD5 checksum: 1296918 8ecf64e7738980aa040e5e03a2ee640b http://security.debian.org/pool/updat...libmagick++5_5.4.4.5-1woody1_hppa.deb Size/MD5 checksum: 132462 8cf94dbb086206f9ee00fe777f550357 http://security.debian.org/pool/updat...agick++5-dev_5.4.4.5-1woody1_hppa.deb Size/MD5 checksum: 55864 d2bc8567aa8d2d412a16d7d123c9eb11 http://security.debian.org/pool/updat...k/libmagick5_5.4.4.5-1woody1_hppa.deb Size/MD5 checksum: 857142 4effa98d340a4adc3e01e08693f0f9c0 http://security.debian.org/pool/updat...bmagick5-dev_5.4.4.5-1woody1_hppa.deb Size/MD5 checksum: 66920 4235b8e124f8872d4aa0716031ba16e0 http://security.debian.org/pool/updat...k/perlmagick_5.4.4.5-1woody1_hppa.deb Size/MD5 checksum: 116788 0ad5543d824d37dd507e496816a6a996 Motorola 680x0 architecture: http://security.debian.org/pool/updat.../imagemagick_5.4.4.5-1woody1_m68k.deb Size/MD5 checksum: 1291910 0f79f1b5c834119c55cafdf370b6dd2e http://security.debian.org/pool/updat...libmagick++5_5.4.4.5-1woody1_m68k.deb Size/MD5 checksum: 133604 6b949f8416e73e015ce3e8c55eb88871 http://security.debian.org/pool/updat...agick++5-dev_5.4.4.5-1woody1_m68k.deb Size/MD5 checksum: 55880 ff697d65ba7893023f69334b3aa14dec http://security.debian.org/pool/updat...k/libmagick5_5.4.4.5-1woody1_m68k.deb Size/MD5 checksum: 750226 7760eeacbf881fd994e37c2bc824f8c0 http://security.debian.org/pool/updat...bmagick5-dev_5.4.4.5-1woody1_m68k.deb Size/MD5 checksum: 66958 2cbf7b99d2da0b88994776aa91552e20 http://security.debian.org/pool/updat...k/perlmagick_5.4.4.5-1woody1_m68k.deb Size/MD5 checksum: 107050 5a895603cb4a0e48e7271a302cad7cee Big endian MIPS architecture: http://security.debian.org/pool/updat.../imagemagick_5.4.4.5-1woody1_mips.deb Size/MD5 checksum: 1294384 4fe7c423a428d9879590b0a15debfd24 http://security.debian.org/pool/updat...libmagick++5_5.4.4.5-1woody1_mips.deb Size/MD5 checksum: 119758 5c13b74e3fbb360822a23dce0c739bca http://security.debian.org/pool/updat...agick++5-dev_5.4.4.5-1woody1_mips.deb Size/MD5 checksum: 55882 671f295f4f2f98e998c8a8c0bd70ccbb http://security.debian.org/pool/updat...k/libmagick5_5.4.4.5-1woody1_mips.deb Size/MD5 checksum: 730286 f091d817357ec3c6a0c4c1e4d4f80b7b http://security.debian.org/pool/updat...bmagick5-dev_5.4.4.5-1woody1_mips.deb Size/MD5 checksum: 66932 139499cceccb1a43665a8fa7e451774e http://security.debian.org/pool/updat...k/perlmagick_5.4.4.5-1woody1_mips.deb Size/MD5 checksum: 102960 2c9659cc2cb80059344a5daf30042c81 Little endian MIPS architecture: http://security.debian.org/pool/updat...magemagick_5.4.4.5-1woody1_mipsel.deb Size/MD5 checksum: 1294254 56f9a24d4ca3f5085c4764fff7e26643 http://security.debian.org/pool/updat...bmagick++5_5.4.4.5-1woody1_mipsel.deb Size/MD5 checksum: 113250 347dd47ba9f259320fbd9694c59f7643 http://security.debian.org/pool/updat...ick++5-dev_5.4.4.5-1woody1_mipsel.deb Size/MD5 checksum: 55870 85567e1aae400036fc37be9c58d18ec4 http://security.debian.org/pool/updat...libmagick5_5.4.4.5-1woody1_mipsel.deb Size/MD5 checksum: 718640 79af8a4685086c782b0b55aff35c7e01 http://security.debian.org/pool/updat...agick5-dev_5.4.4.5-1woody1_mipsel.deb Size/MD5 checksum: 66934 be08669429d5efc1f6a408b0d5cc9aec http://security.debian.org/pool/updat...perlmagick_5.4.4.5-1woody1_mipsel.deb Size/MD5 checksum: 102492 758c8d725f91c2b966cbe648315b1982 PowerPC architecture: http://security.debian.org/pool/updat...agemagick_5.4.4.5-1woody1_powerpc.deb Size/MD5 checksum: 1290880 e56a6fcbc1b06d63f0d8624a6c14ff55 http://security.debian.org/pool/updat...magick++5_5.4.4.5-1woody1_powerpc.deb Size/MD5 checksum: 135542 637e7a4decebc592c4392c5d28fedcfb http://security.debian.org/pool/updat...ck++5-dev_5.4.4.5-1woody1_powerpc.deb Size/MD5 checksum: 55868 7adc59ccb76521f5f257cf2a400b9fcc http://security.debian.org/pool/updat...ibmagick5_5.4.4.5-1woody1_powerpc.deb Size/MD5 checksum: 783718 b15259a4f6352b42adc1f2ceeff4c3b2 http://security.debian.org/pool/updat...gick5-dev_5.4.4.5-1woody1_powerpc.deb Size/MD5 checksum: 66920 87b669690d7d5cc503e94d159936cafb http://security.debian.org/pool/updat...erlmagick_5.4.4.5-1woody1_powerpc.deb Size/MD5 checksum: 111546 8ce272013a9dc7a7d1ba21bde37224ed IBM S/390 architecture: http://security.debian.org/pool/updat.../imagemagick_5.4.4.5-1woody1_s390.deb Size/MD5 checksum: 1291660 5eb4312df52449e33801d22fe79ae8b9 http://security.debian.org/pool/updat...libmagick++5_5.4.4.5-1woody1_s390.deb Size/MD5 checksum: 131618 138ec629de5947a631d96e36fdd20925 http://security.debian.org/pool/updat...agick++5-dev_5.4.4.5-1woody1_s390.deb Size/MD5 checksum: 55858 e01a9940a1c4013ef863e5824b62775b http://security.debian.org/pool/updat...k/libmagick5_5.4.4.5-1woody1_s390.deb Size/MD5 checksum: 775122 c24c8778527e89485f8c1615a90b2cc0 http://security.debian.org/pool/updat...bmagick5-dev_5.4.4.5-1woody1_s390.deb Size/MD5 checksum: 66910 278a7bc2cfa9c0df57583906f60a23e5 http://security.debian.org/pool/updat...k/perlmagick_5.4.4.5-1woody1_s390.deb Size/MD5 checksum: 108586 3a65d9b73cf2894b21263fd11b1ca598 Sun Sparc architecture: http://security.debian.org/pool/updat...imagemagick_5.4.4.5-1woody1_sparc.deb Size/MD5 checksum: 1294684 7b6da4b91f91e09fea287d613548c870 http://security.debian.org/pool/updat...ibmagick++5_5.4.4.5-1woody1_sparc.deb Size/MD5 checksum: 123462 4be81cc71d4da063f45ef86bf1e8c0be http://security.debian.org/pool/updat...gick++5-dev_5.4.4.5-1woody1_sparc.deb Size/MD5 checksum: 55856 693ab80759b91751f1d39a42297428d3 http://security.debian.org/pool/updat.../libmagick5_5.4.4.5-1woody1_sparc.deb Size/MD5 checksum: 800230 6c36c10ef707cb6783fae7999b8f8786 http://security.debian.org/pool/updat...magick5-dev_5.4.4.5-1woody1_sparc.deb Size/MD5 checksum: 66926 95b5886aef2a301c2bb4aecffbb7c116 http://security.debian.org/pool/updat.../perlmagick_5.4.4.5-1woody1_sparc.deb Size/MD5 checksum: 112502 72c181c78fa4b8b63f635612870e78ef -- Debian GNU/Linux unstable alias sid -- Fixed in version 4:5.5.7-1. Original Advisory: http://www.debian.org/security/2003/dsa-331

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

2nd Dec, 2008

New advisories:	14
New vulnerabilities:	21
Updated advisories:	26

Less // 374 views

Linksys WRT160N Cross-Site Scripting Vulnerability

Less // 355 views

IBM Rational ClearQuest Multiple Vulnerabilities

Not // 280 views

Debian update for flamethrower

Not // 272 views

flamethrower Insecure Temporary Files

Less // 327 views

IBM Rational ClearCase Cross-Site Scripting Vulnerability

Not // 313 views

DAHDI "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerability

Not // 312 views

Zaptel "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerabilities

Moderately // 298 views

Rumpus Multiple Vulnerabilities

Less // 317 views

bcoos "cid" SQL Injection Vulnerability

Moderately // 331 views

ASP Portal "ASPPortal.mdb" Database Disclosure Security Issue

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.