• Remote exploit of CUPS

    From LWN.net@1337:1/100 to All on Thursday, September 26, 2024 22:30:05
    Remote exploit of CUPS

    Date:
    Thu, 26 Sep 2024 21:22:55 +0000

    Description:
    Security researcher Simone Margaritelli has reported a new vulnerability in CUPS , the software that many Linux systems use to manage printers and print jobs. Margaritelli describes the impact of the attack by saying: A remote unauthenticated attacker can silently replace existing printers' (or install new ones) IPP urls with a malicious one, resulting in arbitrary command execution (on the computer) when a print job is started (from that computer). The vulnerability relies on a few related problems in CUPS libraries and utilities; versions before 2.0.1 or 2.1b1 (depending on the component) may be affected.

    ======================================================================
    Link to news story:
    https://lwn.net/Articles/991929/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)