The interesting part is every time we uploaded a file with a new hash containing a new payload, virustotal forwarded the payload to other hosts. It gives comprehensive vulnerability information through a very simple user interface. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when.
Hosts identified within the internal network: .cluster.local .local - 172.19.0.1 .cluster.local .cluster.local .cluster.local .cluster.local scanner-rel-typer-7b4c979bc9-bskr8 scanner-zzbm-typer-7b4c979bc9-cf5f7 .qianxin-inc.cn sandk8s23. -inc.cn -inc.cn sandk8s26. sandk8s27. -inc.cn etc. It was discovered that ExifTool did not properly sanitize user data for the DjVu file format. Vulmon is a vulnerability and exploit search engine with vulnerability intelligence features. In the tests it was possible to gain access to more than 50 internal hosts with high privileges. libimage-exiftool-perl could be made to crash if it opened a specially crafted file.
0 kommentar(er)
