Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://pony.social/users/cult/statuses/113205710150789177">CULTPONY :verified: :verified: (cult@pony.social)'s status on Friday, 27-Sep-2024 05:28:59 JST</a><a href="https://pony.social/@cult" title="cult@pony.social"><img src="https://gnusocial.jp/avatar/20077-48-20231024042554.webp" width="48" height="48" alt="CULTPONY :verified: :verified:" style="position: absolute; left: 0; top: 0;">CULTPONY :verified: :verified:</a><div><a href="https://pony.social/@cult/113205607186180799" rel="in-reply-to">in reply to</a></div></section><article><p>also, as amendment, the gold standard for exploit PoC is to open calc on the user.</p><p>The exploit video on the disclosure shows that the extend of it is being able to write a file in /tmp while being the LP/LPD user, with a 700 umask. It's not exactly frightening, other than the threat of a DoS. LP user doesn't have that many permissions on the system.</p><p>It IS a code execution with a relatively low effort barrier, but it's still not getting anywhere without running CUPS as root.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3733244#notice-7309718">In conversation</a><time datetime="2024-09-27T05:28:59+09:00" title="Friday, 27-Sep-2024 05:28:59 JST">about 2 months ago</time> <span>from <span><a href="https://pony.social/@cult/113205710150789177" rel="external" title="Sent from pony.social via ActivityPub">pony.social</a></span></span><a href="https://pony.social/@cult/113205710150789177">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: www.system.it</div><h5><a href="https://www.system.it/">System srl - Management software &amp; IT Security</a></h5><div> from <span>m.giannini</span></div></header><div>La System srl di Livorno - Toscana, da +40 anni fa vendita e assistenza di programmi gestionali per aziende e commercialisti, e sicurezza informatica</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
CULTPONY :verified: :verified: (cult@pony.social)'s status on Friday, 27-Sep-2024 05:28:59 JST CULTPONY :verified: :verified:
in reply to
also, as amendment, the gold standard for exploit PoC is to open calc on the user.
The exploit video on the disclosure shows that the extend of it is being able to write a file in /tmp while being the LP/LPD user, with a 700 umask. It's not exactly frightening, other than the threat of a DoS. LP user doesn't have that many permissions on the system.
It IS a code execution with a relatively low effort barrier, but it's still not getting anywhere without running CUPS as root.
In conversationabout 2 months ago from pony.socialpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: www.system.it
  System srl - Management software & IT Security
  from m.giannini
  La System srl di Livorno - Toscana, da +40 anni fa vendita e assistenza di programmi gestionali per aziende e commercialisti, e sicurezza informatica

Public

Embed Notice

HTML Code

Corresponding Notice