"Unauthenticated RCE vs all GNU/Linux systems" coming down the pike, with 9.9 severity. Cool coolhttps://threadreaderapp.com/thread/1838169889330135132.html
-
"Unauthenticated RCE vs all GNU/Linux systems" coming down the pike, with 9.9 severity. Cool cool
https://threadreaderapp.com/thread/1838169889330135132.html -
Looks like it's CUPS, and it's now disclosed and no patch currently available(!). https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
I recommend checking if CUPS is installed and bound to anything public:
Linux:
sudo ss -tulnp | grep cups | awk '{print $5, $7}'
Mac:
sudo lsof -nP -i -sTCP:LISTEN | grep cupsIf you see "0.0.0.0:foo" or "[::]:foo" that means it's listening on a public network interface and you might want to change that (or just uninstall it). Definitely uninstall cups-browsed if you can.
-
"9.9 severity" seems pretty high, unless it's on a scale that goes to 12 or so.