

Exiftool is a tool and library made in Perl that extracts metadata from almost any type of file.

ExifTool could allow a local attacker to execute arbitrary code on the system, caused by improper neutralization of user data in the DjVu file format. By using a specially-crafted image file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

3. The vulnerability happens when Exiftool tries to parse the DjVu filetype, more specifically the annotations field in the file structure.

4. To trigger the vulnerable function, we need to create a valid DjVu file that contains an annotation chunk with the payload that will be executed by the eval function as Perl code.

Using the pspy script, I noticed a script running quite often, /opt/image-exif.sh; before that script I see cron being executed, so I assume this is a scheduled task.
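The weak point described above is a single field: the annotation chunk (ANTa plain text, ANTz BZZ-compressed) inside the DjVu chunk tree, which the vulnerable ExifTool build handed to eval. A defender who cannot patch ExifTool on the host immediately can at least stop the cron-driven /opt/image-exif.sh from feeding files with annotation chunks to it. The following is an added example, not code from the original write-up or from the ExifTool project: it walks the IFF-style DjVu container (including nested FORM bundles), lists annotation chunks, and returns a verdict a wrapper script can act on. The chunk IDs come from the DjVu format; the token list, verdict names and the sample files are constructed for this example.

```python
"""Triage DjVu files for annotation chunks before handing them to ExifTool.

Added defensive example (not part of the original write-up). The DjVu
container is IFF-like: "AT&T" magic, then FORM chunks whose 4-byte type
(DJVU, DJVM, DJVI, ...) is followed by nested chunks. Every chunk is
ID(4) + big-endian length(4) + payload, padded to an even length.
"""
import struct
import sys

# Annotation chunk IDs from the DjVu spec: ANTa is plain text, ANTz is BZZ-compressed.
ANNOTATION_IDS = {b"ANTa", b"ANTz"}
# Heuristic token list (constructed for this example): Perl constructs that a
# benign annotation string (metadata, hyperlinks, page layout) never needs.
SUSPICIOUS_TOKENS = (b"${", b"@{", b"`", b"system", b"exec", b"open(")


def iter_chunks(buf, start, end):
    """Yield (chunk_id, payload_offset, payload) for every leaf chunk in
    buf[start:end], descending into nested FORM containers."""
    pos = start
    while pos + 8 <= end:
        cid = buf[pos:pos + 4]
        (length,) = struct.unpack(">I", buf[pos + 4:pos + 8])
        body_start, body_end = pos + 8, pos + 8 + length
        if body_end > end:
            raise ValueError(f"chunk {cid!r} at offset {pos} overruns its container")
        if cid == b"FORM":
            # Skip the 4-byte form type, then walk the nested chunks.
            yield from iter_chunks(buf, body_start + 4, body_end)
        else:
            yield cid, body_start, buf[body_start:body_end]
        pos = body_end + (length & 1)  # payloads are padded to even length


def find_annotation_chunks(buf):
    """Return [(chunk_id, payload_offset, payload)] for all ANTa/ANTz chunks."""
    if buf[:4] != b"AT&T":
        raise ValueError("not a DjVu file (missing AT&T magic)")
    return [c for c in iter_chunks(buf, 4, len(buf)) if c[0] in ANNOTATION_IDS]


def triage(buf):
    """Classify a DjVu file as 'allow', 'review' or 'quarantine' with reasons.

    ANTz cannot be inspected without a BZZ decoder, so its presence alone is
    treated as quarantine-worthy; ANTa is inspected for the token list.
    """
    reasons, quarantine, review = [], False, False
    for cid, off, payload in find_annotation_chunks(buf):
        if cid == b"ANTz":
            quarantine = True
            reasons.append(f"ANTz at offset {off}: compressed annotation cannot be inspected")
            continue
        hits = sorted(t.decode() for t in SUSPICIOUS_TOKENS if t in payload)
        if hits:
            quarantine = True
            reasons.append(f"ANTa at offset {off}: suspicious tokens {hits}")
        else:
            review = True
            reasons.append(f"ANTa at offset {off}: annotation present")
    verdict = "quarantine" if quarantine else ("review" if review else "allow")
    return verdict, reasons


# --- constructed sample files (not real-world captures) ---------------------
def _chunk(cid, data):
    return cid + struct.pack(">I", len(data)) + data + (b"\x00" if len(data) & 1 else b"")


def _form(form_type, *chunks):
    return _chunk(b"FORM", form_type + b"".join(chunks))


# INFO payload: width, height, minor, major, dpi, gamma, flags (10 bytes).
_INFO = _chunk(b"INFO", struct.pack(">HHBBHBB", 1, 1, 26, 0, 100, 22, 1))
SAMPLE_CLEAN = b"AT&T" + _form(b"DJVU", _INFO)
SAMPLE_BENIGN_ANNOTATION = b"AT&T" + _form(
    b"DJVU", _INFO, _chunk(b"ANTa", b'(metadata (Author "alice"))'))
SAMPLE_SUSPICIOUS = b"AT&T" + _form(
    b"DJVU", _INFO, _chunk(b"ANTa", b'(metadata (Title "${notes}"))'))
SAMPLE_COMPRESSED = b"AT&T" + _form(
    b"DJVU", _INFO, _chunk(b"ANTz", b"\x00\x01\x02\x03"))  # opaque stand-in bytes
# Multi-page bundle: DIRM payload is a stub; the walker only needs the nesting.
SAMPLE_BUNDLE = b"AT&T" + _form(
    b"DJVM", _chunk(b"DIRM", b"\x01\x00\x01"),
    _form(b"DJVU", _INFO, _chunk(b"ANTa", b'(metadata (Author "bob"))')))


if __name__ == "__main__":
    # Usage: python djvu_triage.py file.djvu  -> exit 0 only for 'allow'
    verdict, reasons = triage(open(sys.argv[1], "rb").read())
    print(verdict, *reasons, sep="\n  ")
    sys.exit(0 if verdict == "allow" else 1)
```

Wired in front of the exiftool call in a wrapper like /opt/image-exif.sh, a non-zero exit moves the file to a quarantine directory instead of parsing it; the token list is a compensating control only, and the lasting fix is running an ExifTool release that no longer evaluates annotation text.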
