MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
cups
Search

Remote exploit of CUPS

Thursday September 26, 2024. 11:22 PM , from LWN.net
Security researcher Simone Margaritelli

has reported a new vulnerability in

CUPS, the software that many Linux systems use to manage printers and print jobs. Margaritelli describes the impact of the attack by saying:

A remote unauthenticated attacker can silently replace existing printers' (or install new ones) IPP urls with a malicious one, resulting in arbitrary command execution (on the computer) when a print job is started (from that computer).

The vulnerability relies on a few related problems in CUPS libraries and utilities; versions before 2.0.1 or 2.1b1 (depending on the component) may be affected.

Red Hat has released a security bulletin as well.
Read more at LWN.net
https://lwn.net/Articles/991929/

Related News

cups 'Critical' CUPS vulnerability chain easy to use for massive DDoS attacks TheRegisterOct 7
remote Akamai finds many systems with exposed CUPS vulnerability LWN.netOct 5
vulnerability Akamai Warns CUPS-Browsed Vulnerability Also Brings New Threat of DDoS Attacks SlashdotOct 5
exploit Akamai Warns CUPS Vulnerability Also Brings New Threat of DDoS Attacks SlashdotOct 5
print Attackers Exploit Critical Zimbra Vulnerability Using CC'd Email Addresses SlashdotOct 3
margaritelli 700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking TheRegisterOct 2
computer Mazda's $10 Subscription For Remote Start Sparks Backlash After Killing Open Source Option SlashdotSep 30
security Remote ID verification tech is often biased, bungling, and no good on its own TheRegisterSep 30
cups HP’s new remote support service can even resurrect unbootable PCs ComputerWorldSep 27
remote That doomsday critical Linux bug: It's CUPS. Could lead to remote hijacking of devices TheRegisterSep 26
vulnerability That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices TheRegisterSep 26
exploit Move over, Cobalt Strike. Splinter’s the new post-exploit menace in town TheRegisterSep 23
print Citrix adds remote Mac support, but some customers are grumpy TheRegisterSep 20
margaritelli VMware patches remote make-me-root holes in vCenter Server, Cloud Foundation TheRegisterSep 17
computer Adobe fixed Acrobat bug, neglected to mention whole zero-day exploit thing TheRegisterSep 12
security Remote access tools leave OT systems at risk of attack BetaNewsSep 10
cups Remote Indigenous tribe kills encroaching loggers in Amazon BoingBoingSep 9
remote Zoom profits up despite CEO's doubts about remote working TheRegisterAug 22
vulnerability Download our remote IT support tools enterprise buyer’s guide ComputerWorldAug 22
exploit Time to update Chrome (again) to patch another zero-day exploit PC WorldAug 22
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Nov, Fri 15 - 21:54 CET