Lucene search
+L

124 matches found

redhatcve
redhatcve
added 2024/10/04 6:55 p.m.18 views

CVE-2024-47850

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added. Mitigation See the security bulletin for a detailed...

7.5CVSS6.4AI score0.50174EPSS
Exploits15References5
osv
osv
added 2024/10/04 1:17 p.m.13 views

SUSE-SU-2024:3523-1 Security update for cups-filters

This update for cups-filters fixes the following issues: - cups-browsed would bind on UDP INADDRANY:631 and trust any packet from any source to trigger a Get-Printer-Attributes IPP request to an attacker controlled URL. This patch removes support for the legacy CUPS and LDAP protocolsbsc1230939,...

5.3CVSS7.2AI score0.50174EPSS
Exploits15References3
osv
osv
added 2024/10/04 5:15 a.m.9 views

AZL-53837 CVE-2024-47850 affecting package cups for versions less than 1.28.17-3

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS5.9AI score0.00853EPSS
Exploits0References1
nvd
nvd
added 2024/10/04 5:15 a.m.27 views

CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS0.00853EPSS
Exploits0References5
osv
osv
added 2024/10/04 5:15 a.m.13 views

CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS7.2AI score
Exploits0References5
osv
osv
added 2024/10/04 5:15 a.m.1 views

DEBIAN-CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS7.8AI score0.00853EPSS
Exploits0References1
osv
osv
added 2024/10/04 5:15 a.m.6 views

UBUNTU-CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS7.3AI score0.00853EPSS
Exploits0References11
vulnrichment
vulnrichment
added 2024/10/04 12:0 a.m.18 views

CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7AI score0.00853EPSS
Exploits0References3
cve
cve
added 2024/10/04 12:0 a.m.209 views

CVE-2024-47850

CVE-2024-47850 affects CUPS with cups-browsed before 2.5b1, where a single IPP UDP printer-add request can trigger an HTTP POST to an arbitrary destination/port, enabling potential DDoS amplification. This is documented in connected Astra Linux advisories and linked advisories; patching via vendo...

7.5CVSS6.5AI score0.00853EPSS
Exploits0References5
debiancve
debiancve
added 2024/10/04 12:0 a.m.21 views

CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS7.8AI score0.00853EPSS
Exploits0
alpinelinux
alpinelinux
added 2024/10/04 12:0 a.m.27 views

CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS7.2AI score0.50174EPSS
Exploits15References3
metasploit
metasploit
added 2024/10/03 6:54 p.m.172 views

cups-browsed Information Disclosure

Retrieve CUPS version and kernel version information from cups-browsed services. Module Options msf use auxiliary/scanner/misc/cupsbrowsedinfodisclosure msf auxiliarycupsbrowsedinfodisclosure show actions ...actions... msf auxiliarycupsbrowsedinfodisclosure set ACTION msf...

5.3CVSS6.8AI score0.50174EPSS
Exploits15
githubexploit
githubexploit
added 2024/10/03 3:53 p.m.899 views

Exploit for CVE-2024-47176

PoC: Unauthenticated RCE on cups-browsed...

8.6CVSS8.7AI score0.76959EPSS
Exploits17
redhat
redhat
added 2024/10/03 11:27 a.m.5 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5CVSS5.8AI score0.00853EPSS
Exploits0References7
broadcom
broadcom
added 2024/10/03 12:0 a.m.8 views

Vulnerabilities in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems (CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177)

OpenPrinting CUPS is the most current version of CUPS, a standards-based, open source printing system for Linux® and other Unix®-like operating systems. Several security vulnerabilities have been disclosed in the OpenPrinting Common Unix Printing System CUPS on Linux systems that could permit...

9.8CVSS9.2AI score0.76959EPSS
Exploits17
redhat
redhat
added 2024/10/02 6:32 p.m.11 views

cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source

A security issue has been identified in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

5.3CVSS7AI score0.50174EPSS
Exploits15References7
redhat
redhat
added 2024/10/02 6:32 p.m.6 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5CVSS5.8AI score0.00853EPSS
Exploits0References7
redhat
redhat
added 2024/10/02 6:21 p.m.13 views

cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source

A security issue has been identified in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

5.3CVSS7AI score0.50174EPSS
Exploits15References7
redhat
redhat
added 2024/10/02 6:21 p.m.9 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5CVSS5.8AI score0.00853EPSS
Exploits0References7
redhat
redhat
added 2024/10/02 12:0 p.m.17 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5CVSS5.8AI score0.00853EPSS
Exploits0References7
Rows per page
Query Builder