Lucene search
K

124 matches found

RedhatCVE
RedhatCVE
added 2024/10/04 6:55 p.m.18 views

CVE-2024-47850

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added. Mitigation See the security bulletin for a detailed...

7.5CVSS6.4AI score0.50174EPSS
Exploits15References5
OSV
OSV
added 2024/10/04 1:17 p.m.13 views

SUSE-SU-2024:3523-1 Security update for cups-filters

This update for cups-filters fixes the following issues: - cups-browsed would bind on UDP INADDRANY:631 and trust any packet from any source to trigger a Get-Printer-Attributes IPP request to an attacker controlled URL. This patch removes support for the legacy CUPS and LDAP protocolsbsc1230939,...

5.3CVSS7.2AI score0.50174EPSS
Exploits15References3
NVD
NVD
added 2024/10/04 5:15 a.m.25 views

CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS0.00853EPSS
Exploits0References5
OSV
OSV
added 2024/10/04 5:15 a.m.13 views

CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS7.2AI score
Exploits0References5
OSV
OSV
added 2024/10/04 5:15 a.m.9 views

AZL-53837 CVE-2024-47850 affecting package cups for versions less than 1.28.17-3

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS5.9AI score0.00853EPSS
Exploits0References1
OSV
OSV
added 2024/10/04 5:15 a.m.1 views

DEBIAN-CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS7.8AI score0.00853EPSS
Exploits0References1
OSV
OSV
added 2024/10/04 5:15 a.m.6 views

UBUNTU-CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS7.3AI score0.00853EPSS
Exploits0References11
CVE
CVE
added 2024/10/04 12:0 a.m.208 views

CVE-2024-47850

CVE-2024-47850 affects CUPS with cups-browsed before 2.5b1, where a single IPP UDP printer-add request can trigger an HTTP POST to an arbitrary destination/port, enabling potential DDoS amplification. This is documented in connected Astra Linux advisories and linked advisories; patching via vendo...

7.5CVSS6.5AI score0.00853EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/10/04 12:0 a.m.18 views

CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7AI score0.00853EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/10/04 12:0 a.m.21 views

CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS7.8AI score0.00853EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2024/10/04 12:0 a.m.27 views

CVE-2024-47850

CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer but can be used to create DDoS...

7.5CVSS7.2AI score0.50174EPSS
Exploits15References3
Metasploit
Metasploit
added 2024/10/03 6:54 p.m.172 views

cups-browsed Information Disclosure

Retrieve CUPS version and kernel version information from cups-browsed services. Module Options msf use auxiliary/scanner/misc/cupsbrowsedinfodisclosure msf auxiliarycupsbrowsedinfodisclosure show actions ...actions... msf auxiliarycupsbrowsedinfodisclosure set ACTION msf...

5.3CVSS6.8AI score0.50174EPSS
Exploits15
GithubExploit
GithubExploit
added 2024/10/03 3:53 p.m.895 views

Exploit for CVE-2024-47176

PoC: Unauthenticated RCE on cups-browsed...

8.6CVSS8.7AI score0.76959EPSS
Exploits17
RedHat Linux
RedHat Linux
added 2024/10/03 11:27 a.m.5 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5CVSS5.8AI score0.00853EPSS
Exploits0References7
Broadcom
Broadcom
added 2024/10/03 12:0 a.m.8 views

Vulnerabilities in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems (CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177)

OpenPrinting CUPS is the most current version of CUPS, a standards-based, open source printing system for Linux® and other Unix®-like operating systems. Several security vulnerabilities have been disclosed in the OpenPrinting Common Unix Printing System CUPS on Linux systems that could permit...

9.8CVSS9.2AI score0.76959EPSS
Exploits17
RedHat Linux
RedHat Linux
added 2024/10/02 6:32 p.m.5 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5CVSS5.8AI score0.00853EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/10/02 6:32 p.m.10 views

cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source

A security issue has been identified in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

5.3CVSS7AI score0.50174EPSS
Exploits15References7
RedHat Linux
RedHat Linux
added 2024/10/02 6:21 p.m.9 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5CVSS5.8AI score0.00853EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/10/02 6:21 p.m.13 views

cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source

A security issue has been identified in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

5.3CVSS7AI score0.50174EPSS
Exploits15References7
RedHat Linux
RedHat Linux
added 2024/10/02 12:0 p.m.17 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5CVSS5.8AI score0.00853EPSS
Exploits0References7
Rows per page
Query Builder