Comment on Critical Unauthenticated RCE Flaws in CUPS Printing Systems

mox@lemmy.sdf.org ⁨2⁩ ⁨months⁩ ago

Exploitation involves sending a malicious UDP packet to port 631 on the target, directing it to an attacker-controlled IPP server.

Okay, so at least until this is patched, it would be a good idea to shut down any process that’s listening on port 631, and avoid interaction with untrusted or potentially compromised print servers.

Either of these commands will list any such processes:

$ sudo lsof -i :631
$ sudo fuser -v 631/tcp 631/udp

source
Sort:hotnewtop