This Metasploit module exploits a Perl injection vulnerability in the DjVu ANT parsing code of ExifTool versions 7.44 through 12.23 inclusive. The injection is used to execute a shell command using Perl backticks. The DjVu image can be embedded in a wrapper image using the HasselbladExif EXIF field.
1fba1ff491cb6bf069766f65d4437c6eRed Hat Security Advisory 2021-1266-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.
f97b03a9545f11491b1cf08b54df658cRed Hat Security Advisory 2021-1032-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.
2ddb4b768adb43305929cb7dab3ed45aRed Hat Security Advisory 2021-0883-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.
0f9cb8428110197da55672ff721c1568Red Hat Security Advisory 2021-0557-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a denial of service vulnerability.
be081b7bf4fcfb242bf899525f9b3fecRed Hat Security Advisory 2021-0525-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
3e99cb6e6f3c2a0255b5e7fb68baf8d6Red Hat Security Advisory 2021-0343-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.
fd544b1b601f01432dcbce4b41dc19aaRed Hat Security Advisory 2021-0358-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
99f90f88434e1cc848ac30290cbaa6e7Red Hat Security Advisory 2021-0257-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
4f6345447dc21eb0b352b1ac1e61a6e8zyHell is a perl script that scans for the ZyXEL godmode backdoor account.
794576265f9d76d9bcf6317f345fb8e9Red Hat Security Advisory 2020-5480-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
527b8ee70aa0dcb5c3b440bc3e2c7fd3Red Hat Security Advisory 2020-5420-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
1cfbc017c0d01b8d386cfbe7ab5d5b00Red Hat Security Advisory 2020-5372-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
b1aec2c32ea5f0b6895bd4976d556f72Red Hat Security Advisory 2020-5350-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
80c489b8aae2b1bd43d8a5d153eb0c90Red Hat Security Advisory 2020-5201-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
766f0600dbf74cd91f0dd2db8f9fe7bdRed Hat Security Advisory 2020-5129-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
b80fc43827b77988bff0d6cb51e8ac60Red Hat Security Advisory 2020-4539-01 - The pcre2 package contains a new generation of the Perl Compatible Regular Expression libraries for implementing regular expression pattern matching using the same syntax and semantics as Perl. Issues addressed include an out of bounds read vulnerability.
dfdfc2d747c161badfddc171b41c2931Ubuntu Security Notice 4602-2 - USN-4602-1 fixed several vulnerabilities in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
549f62bb06239388f75ae227d8f0e23cUbuntu Security Notice 4602-1 - ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Hugo van der Sanden and Slaven Rezic discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
12de9bee88d387efd047ec5aa10983a5Ubuntu Security Notice 4534-1 - It was discovered that Perl DBI module incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose sensitive information.
81da7816a7bd783ef177b9e1666a82d6Ubuntu Security Notice 4509-1 - It was discovered that Perl DBI module incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Perl DBI module incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information.
7a67357d513658a17198146503a551a7Ubuntu Security Notice 4503-1 - It was discovered that Perl DBI module incorrectly handled certain calls. An attacker could possibly use this issue to execute arbitrary code.
958a8420e097c7d493f17f891bd131acGentoo Linux Security Advisory 202009-7 - Multiple vulnerabilities have been found in the Perl module DBI, the worst of which could result in a Denial of Service condition. Versions less than 1.643.0 are affected.
adc99cfc7d25d1f38f9f4dab9b40bd69Red Hat Security Advisory 2020-2539-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. Issues addressed include denial of service, double free, memory leak, and null pointer vulnerabilities.
6689dbe7afd0379d11018e851d8ecec5Gentoo Linux Security Advisory 202006-3 - Multiple vulnerabilities have been found in Perl, the worst of which could result in a Denial of Service condition. Versions less than 5.30.3 are affected.
d5ef6833669c64a8b1c75e1e39522b58
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed