Re: [PLUG] CUPS flaw

Rich Mingin (PLUG) via plug on 30 Sep 2024 14:53:32 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] CUPS flaw

From: "Rich Mingin \(PLUG\) via plug" <plug@lists.phillylinux.org>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] CUPS flaw
Date: Mon, 30 Sep 2024 17:53:14 -0400
Reply-to: "Rich Mingin \(PLUG\)" <plug@frags.us>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

I am wrong, I replied before checking my news sources, Ubuntu rolled
out some updated packages yesterday (Sunday) that they claim address
the CVE. I'd expect Mint/PopOS/etc machines to get those fixes now, if
they're not middle-manning the Ubuntu repos. Everyone else, AFAIK, is
working on fixes/updates and giving advice similar to what I did this
morning (do not expose print related ports/services/etc to the
internet!)

On Mon, Sep 30, 2024 at 12:34 PM Rich Mingin (PLUG) <plug@frags.us> wrote:
>
> AFAIK, literally no one on Earth has "fixed" this vulnerability. There
> are no safe versions.
>
> Aggressively block/drop port 631 on your firewall, keep your local
> network free of possible bad actors, and if you can't do both of
> those, I would remove all components of CUPS from any machines you
> need to keep secure.
>
> On Mon, Sep 30, 2024 at 12:31 PM Frank via plug
> <plug@lists.phillylinux.org> wrote:
> >
> > My Mint machines all got CUPS updates last week.  How would I know if
> > those updates patched this vulnerability?
> >
> > - Frank
> >
> >
> > On 9/30/24 9:50 AM, jeffv via plug wrote:
> > > Critical Linux CUPS Printing System Flaws Could Allow Remote Command
> > > Execution
> > >
> > > https://thehackernews.com/2024/09/critical-linux-cups-printing-system.html
> > >
> > >
> > >
> > > "A remote unauthenticated attacker can silently replace existing
> > > printers' (or install new ones) IPP urls with a malicious one,
> > > resulting in arbitrary command execution (on the computer) when a
> > > print job is started (from that computer),"
> > > ___________________________________________________________________________
> > >
> > > Philadelphia Linux Users Group         -- http://www.phillylinux.org
> > > Announcements -
> > > http://lists.phillylinux.org/mailman/listinfo/plug-announce
> > > General Discussion  -- http://lists.phillylinux.org/mailman/listinfo/plug
> > ___________________________________________________________________________
> > Philadelphia Linux Users Group         --        http://www.phillylinux.org
> > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> > General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] CUPS flaw
  - From: Chad Waters via plug <plug@lists.phillylinux.org>

References:
- [PLUG] CUPS flaw
  - From: jeffv via plug <plug@lists.phillylinux.org>
- Re: [PLUG] CUPS flaw
  - From: Frank via plug <plug@lists.phillylinux.org>
- Re: [PLUG] CUPS flaw
  - From: "Rich Mingin \(PLUG\) via plug" <plug@lists.phillylinux.org>

Prev by Date: Re: [PLUG] CUPS flaw
Next by Date: Re: [PLUG] CUPS flaw
Previous by thread: Re: [PLUG] CUPS flaw
Next by thread: Re: [PLUG] CUPS flaw
Index(es):
- Date
- Thread