Zeitpunkt Nutzer Delta Tröts TNR Titel Version maxTL Fr 04.10.2024 00:01:14 7.197 -1 645.738 89,7 NerdCulture 4.2.13 1.000 Do 03.10.2024 00:01:11 7.198 +7.198 644.985 89,6 NerdCulture 4.2.13 1.000 Mi 02.10.2024 00:00:06 0 -7.200 0 0,0 0 Di 01.10.2024 00:01:15 7.200 -3 643.758 89,4 NerdCulture 4.2.13 1.000 Mo 30.09.2024 00:01:15 7.203 -2 643.128 89,3 NerdCulture 4.2.12 1.000 So 29.09.2024 00:01:09 7.205 -3 642.447 89,2 NerdCulture 4.2.12 1.000 Sa 28.09.2024 00:00:44 7.208 0 641.886 89,1 NerdCulture 4.2.12 1.000 Sa 28.09.2024 00:00:44 7.208 0 641.886 89,1 NerdCulture 4.2.12 1.000 Fr 27.09.2024 00:01:09 7.208 -1 641.238 89,0 NerdCulture 4.2.12 1.000 Do 26.09.2024 00:00:08 7.209 0 640.599 88,9 NerdCulture 4.2.12 1.000
Olly đź‘ľ (@Olly42) · 01/2024 · Tröts: 318 · Folger: 35
Fr 04.10.2024 15:09
CUPS Flaws enable Linux Remote Code Execution.
CUPS is an open-source printing system based on the Internet Printing Protocol (IPP). While present on many Linux, BSD and other systems. The exploited for remote command execution on vulnerable systems, they could offer more opportunity to attackers who engage in DDoS attacks.
https://www.akamai.com/blog/security-research/2024/oct/october-cups-ddos-threat
#linux #unix #cups #printer #flaws #it #security #privacy #engineering #tech #media #news
CUPS (short for Common UNIX Printing System) is the most widely used printing system on Linux systems, and it is also generally supported on devices running Unix-like operating systems such as FreeBSD, NetBSD, and OpenBSD and their derivates. Four vulnerabilities in various CUPS components can be chained to execute commands remotely when a user launches a print job on an added malicious printer. • CVE-2024-47176 • CVE-2024-47076 • CVE-2024-47175 • CVE-2024-47177
[ImageSource: Akamai] Commands added using the foomatic-rip filter. This causes the remote machine to automatically install the malicious printer and make it available for printing. If the user on that exposed server prints to the new printer, the malicious command in the PPD will be executed locally on the computer. The command to execute when printing is added through a foomatic-rip filter, which executes commands on a device so that a print job is rendered correctly.
[ImageSource: Akamai] The reported vulnerabilities may be exploited to turn vulnerable systems into “amplifiers” by sending a specially crafted UDP packet to a vulnerable instance of CUPS. Instead of instructing CUPS to add a malicious printer, the packet instructs it to send an IPP/HTTP request to the target and port specified by the attacker.
[Öffentlich] Antw.: 0 Wtrl.: 1 Fav.: 0 · via Metatext