#CUPSVulnerability

New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks

by

October 8, 2024 at 05:54PM A new scanner, created by Marcus Hitchins, is designed to identify devices vulnerable to the CUPS RCE flaw (CVE-2024-47176). By setting up an HTTP server on the scanning machine, the Python script sends custom UDP packets to the network, eliciting responses from vulnerable devices. The generated results aid system administrators … Read more

Recently patched CUPS flaw can be used to amplify DDoS attacks

by

October 3, 2024 at 06:36PM A vulnerability in the Common Unix Printing System allows threat actors to initiate DDoS attacks with a 600x amplification factor. This exploit, triggered by a single UDP packet, can quickly recruit vulnerable servers for attacks and cause an “infinite loop” of requests, especially on outdated CUPS versions. Akamai and Cloudflare … Read more