Techly NewsGet the app

Get the latest tech news

Bugs Found in Cups


Some 300,000 endpoints may be publicly exposed to RCE, but these are likely to be largely desktops not servers.

Details of several critical Linux vulnerabilities that the security community has been awaiting have landed – they involve bugs in CUPS, the Common UNIX Printing System. Sonatype field CTO Illka Turunen commented: "It's an RCE but with several mitigations, including the fact the attacker needs to be able to connect to a computer via UDP which is widely disabled on network ingress and the service is usually not on by default. No authentication whatsoever” security researcher Margaritelli added; another vector is LAN, where “a local attacker can spoof zeroconf / mDNS / DNS-SD advertisements… and achieve the same code path leading to RCE.”

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Cups

Cups

Photo of Bugs Found

Bugs Found

Related news:

News photo

That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices

News photo

RCE Vulnerability Discovered in Cups

News photo

Attacking UNIX Systems via CUPS

« OS/2 expert channeled a higher power to dispel digital doom vortex
Ex-Far Cry boss Dan Hay reportedly working on new StarCraft shooter at Blizzard »