124 matches found
cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack
A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...
K000141223: OpenPrinting CUPS vulnerabilities CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177
Security Advisory Description CVE-2024-47076 CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package as library functions to be used for the data format conversion tasks needed in Printer Applications. The...
SUSE CVE-2024-47176
CUPS is a standards-based, open-source printing system, and cups-browsed contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. cups-browsed binds to INADDRANY:631, causing it to trust any packet from any source, and can cause t...
VulnCheck KEV: CVE-2024-47176
CUPS is a standards-based, open-source printing system, and cups-browsed contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. cups-browsed binds to INADDRANY:631, causing it to trust any packet from any source, and...
Ubuntu 24.04 LTS : cups-browsed vulnerability (USN-7042-1)
The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7042-1 advisory. Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues in other...
Ubuntu: Security Advisory (USN-7042-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-47176 cups-browsed binds to `INADDR_ANY:631`, trusting any packet from any source
CUPS is a standards-based, open-source printing system, and cups-browsed contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. cups-browsed binds to INADDRANY:631, causing it to trust any packet from any source, and can cause t...
USN-7042-1: cups-browsed vulnerability
Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute...
PT-2024-6501
Name of the Vulnerable Software and Affected Versions cups versions prior to 2.4.11-alt1 cups-browsed versions prior to 2.0.1-0ubuntu2.1 cups-filters affected versions not specified Description The Common UNIX Printing System CUPS and related components, including cups-browsed and cups-filters, a...
cups 安全漏洞
CUPS is a standards-based open source printing system. An input validation error vulnerability exists in CUPS cups-browsed, which can be exploited by an attacker to remotely execute arbitrary commands on the target machine when starting a print job...
cups-filters -- remote code execution
OpenPrinting reports: Due to the service binding to :631 INADDRANY , multiple bugs in cups-browsed can be exploited in sequence to introduce a malicious printer to the system. This chain of exploits ultimately enables an attacker to execute arbitrary commands remotely on the target machine withou...
SUSE CVE-2014-4337
The processbrowsedata function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service out-of-bounds read and application crash via crafted packet data...
SUSE CVE-2014-4336
The generatelocalqueue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707...
SUSE CVE-2014-4338
cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses...
cups-filters code execution
cups-browsed shell characters vulnerability...
USN-2532-1 cups-filters vulnerability
It was discovered that cups-browsed incorrectly filtered remote printer names and strings. A remote attacker could use this issue to possibly execute arbitrary commands...
UBUNTU-CVE-2015-2265
The removebadchars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the 1 model or 2 PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707...
CentOS Update for cups-filters CESA-2014:1795 centos7
Check the version of cups-filters SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882075";...
cups security update
CentOS Errata and Security Advisory CESA-2014:1795 Updated cups-filters packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...
Scientific Linux Security Update : cups-filters on SL7.x x86_64 (20141103)
An out-of-bounds read flaw was found in the way the processbrowsedata function of cups-browsed handled certain browse packets. A remote attacker could send a specially crafted browse packet that, when processed by cups- browsed, would crash the cups-browsed daemon. CVE-2014-4337 A flaw was found ...