A critical set of unauthenticated Remote Code Execution (RCE) vulnerabilities in CUPS, affecting all GNU/Linux systems and potentially others, was disclosed today. These vulnerabilities allow a remote…
Either of these commands will reveal processes listening on the port that’s vulnerable by default:
$ sudo lsof -i :631
$ sudo fuser -v 631/tcp 631/udp
The wording of this post gives me the impression that it could exploited even if you don’t have any such processes, if your system contacts a malicious or compromised print server. I would avoid browsing or using printers on unsafe networks until this is patched.
The port 631 process just makes it worse, by allowing someone else to initiate that contact remotely.
Either of these commands will reveal processes listening on the port that’s vulnerable by default:
$ sudo lsof -i :631$ sudo fuser -v 631/tcp 631/udpThe wording of this post gives me the impression that it could exploited even if you don’t have any such processes, if your system contacts a malicious or compromised print server. I would avoid browsing or using printers on unsafe networks until this is patched.
The port 631 process just makes it worse, by allowing someone else to initiate that contact remotely.