Open Rafiot opened 9 years ago
I didn't see any recent vulnerability in libmagic allowing command execution. Do you have references?
Fake MIMEtype is assumed, we use it for information and cross check with the extension of the file (see polyglot files).
Unfortunately, this is the only reference I could find : https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2014-1606 , but it only has DoS and no code execution.
Review of the attack surface on the rPI (e.g. power analysis)