• CUPS vulnerability (CVE-2024-47176 and related ones)

    From Ralph Aichinger@21:1/5 to All on Fri Sep 27 14:50:01 2024
    Hi, everybody.

    Is there some place tracking CVE 2024-47176 and related ones in Debian?

    https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
    https://www.theregister.com/2024/09/26/cups_linux_rce_disclosed/

    /ralph

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andy Smith@21:1/5 to Ralph Aichinger on Fri Sep 27 15:20:02 2024
    Hi,

    On Fri, Sep 27, 2024 at 02:22:10PM +0200, Ralph Aichinger wrote:
    > Is there some place tracking CVE 2024-47176 and related ones in Debian?

    I put "Debian CVE" in to my favourite search engine and the first result
    was:

    https://security-tracker.debian.org/tracker/

    I put "CVE-2024-47176" in to that and the first result was:

    https://security-tracker.debian.org/tracker/CVE-2024-47176

    Thanks,
    Andy

    --
    https://bitfolk.com/ -- No-nonsense VPS hosting

  • From Ralph Aichinger@21:1/5 to Andy Smith on Fri Sep 27 15:40:02 2024
    On Fri, Sep 27, 2024 at 01:16:07PM +0000, Andy Smith wrote:
    > I put "CVE-2024-47176" in to that and the first result was:
    >
    > https://security-tracker.debian.org/tracker/CVE-2024-47176

    Thanks, Andy. Not quite the information I had hoped for (that stuff
    not being relevant for Debian ;), but oh well, the sensationalism around
    this is probably overdone nevertheless.

    /ralph

  • From Andy Smith@21:1/5 to Ralph Aichinger on Fri Sep 27 16:00:01 2024
    Hi,

    On Fri, Sep 27, 2024 at 03:21:21PM +0200, Ralph Aichinger wrote:
    > oh well, the sensationalism around this is probably overdone
    > nevertheless.

    As far as I understand it, you would need cups-browsed running on an
    unfirewalled host, in which case an attacker could create a bogus printer
    that executed something as the "lp" user next time a user did a print
    job.

    The reporter asked for a score of 9.9 and made a lot of noise about it,
    and has since got upset that people asked for a reality check on that.

    Thanks,
    Andy

    --
    https://bitfolk.com/ -- No-nonsense VPS hosting

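
The exposure condition discussed in the thread (cups-browsed running and reachable from the network) can be checked per host. The following is an added example, not part of any post above: it parses Linux `ss -H -lunp` output and reports cups-browsed listeners bound to a non-loopback address. UDP port 631 is cups-browsed's listening port and is not stated in the thread; the sample lines and function names are constructed for illustration, and the check does not tell you whether a firewall sits in front of the socket.

```shell
#!/bin/sh
# Added example: flag cups-browsed UDP listeners reachable beyond loopback.
# Input: lines as printed by `ss -H -lunp` (iproute2, Linux).

# Reads ss output on stdin and prints each non-loopback local address
# on UDP port 631 that is owned by a cups-browsed process.
find_exposed_cups_browsed() {
    awk '
        /"cups-browsed"/ {
            for (i = 1; i <= NF; i++) {
                if ($i ~ /:631$/) {
                    addr = $i
                    sub(/:631$/, "", addr)
                    # A loopback-only bind is not reachable from the network.
                    if (addr !~ /^127\./ && addr != "[::1]") print addr
                    break
                }
            }
        }'
}

# Constructed sample input (not captured from a real host).
sample_ss_output() {
    cat <<'EOF'
UNCONN 0 0 0.0.0.0:631 0.0.0.0:* users:(("cups-browsed",pid=1234,fd=7))
UNCONN 0 0 127.0.0.1:323 0.0.0.0:* users:(("chronyd",pid=800,fd=5))
UNCONN 0 0 0.0.0.0:5353 0.0.0.0:* users:(("avahi-daemon",pid=700,fd=12))
EOF
}

# Reads ss output on stdin; returns 1 if an exposed listener is found.
check_host() {
    exposed=$(find_exposed_cups_browsed)
    if [ -n "$exposed" ]; then
        echo "cups-browsed listening on UDP 631 at: $exposed"
        return 1
    fi
    echo "no non-loopback cups-browsed listener found"
    return 0
}

# Demo on the constructed sample. On a live host, run as root so that
# process names are visible:  ss -H -lunp | check_host
sample_ss_output | check_host || true
```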