Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://ligma.pro/users/r000t/statuses/113206196424128693">GNU/r000t (r000t@ligma.pro)'s status on Friday, 27-Sep-2024 07:38:00 JST</a><a href="https://ligma.pro/@r000t" title="r000t@ligma.pro"><img src="https://gnusocial.jp/avatar/1780-48-20220726042633.webp" width="48" height="48" alt="GNU/r000t" style="position: absolute; left: 0; top: 0;">GNU/r000t</a></section><article><p>That super-wazoo Linux 0day dropped. </p><p><a href="https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I" rel="nofollow noreferrer">https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I</a></p><p>Author claims an attacker can send a specially-crafted UDP packet to port 631, or send mDNS traffic on a LAN, to get RCE. </p><p>**THERE DOES NOT APPEAR TO BE A FIX**, meaning that, at least on the distributions I have checked, **UPDATING YOUR PACKAGES WILL NOT PATCH THIS VULNERABILITY.**</p><p>You should remove CUPS if you do not print from a given host, or at least ensure your firewall is only as permissive as it needs to be to enable the services you mean to host.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3733805#notice-7310814">In conversation</a><time datetime="2024-09-27T07:38:00+09:00" title="Friday, 27-Sep-2024 07:38:00 JST">about 2 months ago</time> <span>from <span><a href="https://ligma.pro/@r000t/113206196424128693" rel="external" title="Sent from ligma.pro via ActivityPub">ligma.pro</a></span></span><a href="https://ligma.pro/@r000t/113206196424128693">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/3226291">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
GNU/r000t (r000t@ligma.pro)'s status on Friday, 27-Sep-2024 07:38:00 JST GNU/r000t
That super-wazoo Linux 0day dropped.
https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I
Author claims an attacker can send a specially-crafted UDP packet to port 631, or send mDNS traffic on a LAN, to get RCE.
**THERE DOES NOT APPEAR TO BE A FIX**, meaning that, at least on the distributions I have checked, **UPDATING YOUR PACKAGES WILL NOT PATCH THIS VULNERABILITY.**
You should remove CUPS if you do not print from a given host, or at least ensure your firewall is only as permissive as it needs to be to enable the services you mean to host.
In conversationabout 2 months ago from ligma.propermalink
Attachments
1. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice