Rob PomeroySep 27, 2024

Re: Attacking UNIX Systems via CUPS

Read this: https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/

Then you should probably go and rip out CUPS. Everywhere. Or at the very least TAKE YOUR SERVERS OFF THE FLAMING INTERNET.

Exploit code is available on the public internet. No I will not post a link.

#cups #evilsocket

Attacking UNIX Systems via CUPS, Part I

Hello friends, this is the first of two, possibly three (if and when I have time to finish the Windows research) writeups. We will start with targeting GNU/Linux systems with an RCE. As someone who’s

evilsocket
Martin Boller     Sep 27, 2024

So it was "just" #CUPSD #Evilsocket found #RCE in.
Interesting work, but not the shocker announced.

https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/

Attacking UNIX Systems via CUPS, Part I

Hello friends, this is the first of two, possibly three (if and when I have time to finish the Windows research) writeups. We will start with targeting GNU/Linux systems with an RCE. As someone who’s

evilsocket
Joseph Zikusooka (ZIK)Sep 26, 2024

Attention Systems Administrators: A vulnerability (CVE-2024-47176 ...) has been identified in the CUPS package used in various Linux systems. Please refer to the following link for the necessary remediation steps:
https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/

Also @redhat has a response on this and how to check if you are affected: https://www.redhat.com/en/blog/red-hat-response-openprinting-cups-vulnerabilities

#evilsocket #vulnerability #Cups #Linux #Printing #Sysadmin #cybersecurity #Opensource

Attacking UNIX Systems via CUPS, Part I

Hello friends, this is the first of two, possibly three (if and when I have time to finish the Windows research) writeups. We will start with targeting GNU/Linux systems with an RCE. As someone who’s

evilsocket
Show threadBen AvelingSep 26, 2024
OK, so it ain't great, but it could be a lot worse.
https://www.thestack.technology/critical-9-9-linux-bug-cups-your-ears-the-details-are-now-here/
@iaintshootinmis
#EvilSocket #EvilSocketVuln
Critical 9.9 Linux bug: CUPS your ears, details are here!

Some 300,000 endpoints may be publicly exposed to RCE, but these are likely to be largely desktops not servers.

The Stack
POP POP RETSep 26, 2024

If you are using cups (printer in Linux) and you don't need it. Disable it by running the following commands

Cmds:
systemctl stop cups
systemctl disable cups

#cups #evilsocket

Jiří EischmannSep 26, 2024

OK, let's go to bed and sleep peacefully.

#evilsocket

bibbSep 26, 2024

simone margaritelli released part one of (possibly) 3 regarding remote code execution (rce) vulnerability through cups.

image attached shows instructions for protecting yourself.

https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/

#linux #cybersecurity #security #news #cups #cupsbrowsed #rce #evilsocket

Attacking UNIX Systems via CUPS, Part I

Hello friends, this is the first of two, possibly three (if and when I have time to finish the Windows research) writeups. We will start with targeting GNU/Linux systems with an RCE. As someone who’s

evilsocket
fuomag9Sep 26, 2024
POC for #evilsocket #cups https://gist.githubusercontent.com/stong/c8847ef27910ae344a7b5408d9840ee1/raw/9af3eb339aa3b273f2516d554cc8298c895b2cbd/cups-browsed.md
fuomag9Sep 26, 2024
Prepare the popcorns #RCE #Linux #evilsocket

RE: https://digitaldarkage.cc/users/iaintshootinmis/statuses/113205299782757782
IAintShootinMis (@[email protected])

Attached: 1 image Screenshot of EvilSocket accelerating the timeline.

digital_dark_age
NemoSep 26, 2024
Wait, the guy who had all that pwnagotchi metoo drama and meltdown is the one running around claiming 9.9? #EvilSocket