Welcome to SparkyLinux forums
Zapraszamy również na polsko-języczne Forum https://forum.linuxiarze.pl

CUPS and evil people

Started by kanliot, September 27, 2024, 04:34:25 AM

Previous topic - Next topic

kanliot

https://www.reddit.com/r/sysadmin/comments/1fq5ojq/99_cve_announced_is_a_rce_in_cups/

This bug is a "remote code execution" bug.

Basically, any computer with the CUPS service running, that's not behind a firewall... allows the attacker to add a printer, and run scripts as root.

The mitigation for now, is not to print anything, as the hack doesn't allow the attacker to start new printing jobs.

Something to consider...   here in the USA i did   
        apt remove cups
    apt remove cups-browsed
    apt-mark hold cups-browsed
    apt-mark hold cups




View the most recent posts on the forum