:: Re: [DNG] Critical CVE?
Top Page
Delete this message
Reply to this message
Author: Nick
Date:  
To: dng
Subject: Re: [DNG] Critical CVE?
On 26-09-2024 22:55, Peter Duffy wrote:
> These have appeared in the last hour or so:
>
> https://gist.github.com/stong/c8847ef27910ae344a7b5408d9840ee1
>
> https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
>
> CUPS (specifically cups-browserd)
>
> Personally, I'm waiting for a few analyses of the above before I do
> anything drastic.
>
> On Thu, 2024-09-26 at 14:33 -0500, golinux via Dng wrote:
>> On 2024-09-26 13:53, Martin Steigerwald wrote:
>>> Hi.
>>>
>>> Peter Duffy - 26.09.24, 20:21:15 CEST:
>>>
>>> Or on The Register. And its past 20:00 UTC already.
>>>
>> Nope . . .
>>
>> https://time.is/UTC says it is now 19:31 UTC which is important
>> because
>> today's meet is at 20:30.
>>
>> golinux

It looks pretty serious although I wonder why you would have a open cups
port on the WAN interface. On the distro's I know cups is not installed
by default. And default on 127.0.0.1 if installed.