D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

[LUG]CUPS issues

 

Looks like a CERT dropped an exploit for CUPS ahead of the deadline, so it has been disclosed earlier than intended.

Definitely don't expose CUPS UDP port 631 to the Internet, remove foomatic if you don't need it.

Debian already restricted CUPS web stuff to localhost by default, but you may still have work to do.

Cups-browsed can go, you can manually add printers.

Assume anyone with network access to CUPS can admin your print server, and respond accordingly.

Then expect patches....

https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
-- 
The Mailing List for the Devon & Cornwall LUG
FAQ: https://www.dcglug.org.uk/faq/