this post was submitted on 27 Sep 2024
68 points (98.6% liked)

Cybersecurity

5474 readers
203 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago
MODERATORS
kid
[email protected]
68
That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices (www.theregister.com)
submitted 6 days ago by [email protected] to c/cybersecurity
6 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 22 points 6 days ago (4 children)
  • To exploit this across the internet or LAN, a miscreant needs to reach your CUPS service on UDP port 631. Hopefully none of you have that facing the public internet. The miscreant also has to wait for you to start a print job.
  • If port 631 isn't directly reachable, an attacker may be able to spoof zeroconf, mDNS, or DNS-SD advertisements to achieve exploitation on a LAN. Details of that path will be disclosed later, we're promised.

So don't expose 631 to the internet (why would you?) and know who's on your network. Be careful printing things on an untrusted network.

It's serious, but seems like a wonky attack vector for most.

[โ€“] [email protected] 3 points 4 days ago

And to add to that most of the time CUPS is only exposed to local host by default.

load more comments (3 replies)