Mr. BitternessSep 26, 2024

So this "CVSS 9.9" "unauthenticated RCE vs all GNU/Linux systems (plus others)" thing...

- Does NOT affect all GNU/Linux systems.
- Is not CVSS 9.9. I put it at a 6.3

It also requires:
1) The victim system has no active firewall to block incoming connections.
2) A user on the victim system must print something to a printer that mysteriously appears on the system that has never been there before.

If these two things happen, then command execution can happen as the "lp" user.

<yawn>

We get it. You found a vulnerability.
Lying about it to try to stir up interest in it is not appreciated by anybody who takes themselves seriously in this industry.

CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 have been assigned.

https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/

Attacking UNIX Systems via CUPS, Part I

Hello friends, this is the first of two, possibly three (if and when I have time to finish the Windows research) writeups. We will start with targeting GNU/Linux systems with an RCE. As someone who’s

evilsocket
Show threadruff
@wdormann oh come now, just create a 'Default Printer (Generic IPP Printer)' and sooner or later someone will print on it. With a slight touch of social engineering rather sooner.
Sep 27, 2024 at 5:30amWeb