this post was submitted on 27 Sep 2024
42 points (100.0% liked)

Linux

5112 readers
52 users here now

A community for everything relating to the linux operating system

Also check out !linux_memes@programming.dev

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 1 year ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev
42
Critical Unauthenticated RCE Flaws in CUPS Printing Systems (blog.qualys.com)
submitted 3 weeks ago by Toes@ani.social to c/linux@programming.dev
9 comments fedilink hide all child comments
 

cross-posted from: https://ani.social/post/6217644

you are viewing a single comment's thread
view the rest of the comments
[–] runeko@programming.dev 4 points 3 weeks ago (7 children)

So CUPS has to be installed and port 631 exposed for this to be an issue?

[–] curbstickle@lemmy.dbzer0.com -1 points 3 weeks ago (3 children)

Yes.

Its nowhere near the risk that was claimed.

[–] Toes@ani.social 4 points 3 weeks ago (2 children)

Basically an unauthenticated perl interpreter with root open to the network by default in most configurations across a couple decades.

It's about as bad as it can be?

[–] progandy@feddit.org 1 points 3 weeks ago

Is it common for cups to run as root? It should have its own user, but that is still not good.

load more comments (1 replies)
load more comments (1 replies)
load more comments (4 replies)