3863 matches found
cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source
A security issue has been identified in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...
cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack
A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...
cups: libppd: remote command injection via attacker controlled data in PPD file
A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...
cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes
A flaw was found in OpenPrinting CUPS. In certain conditions, a remote attacker can add a malicious printer or directly hijack an existing printer by replacing the valid IPP URL with a malicious one. Also, it is possible that due to a lack of validation of IPP attributes returned by the server,...
cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source
A security issue has been identified in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...
cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack
A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...
USN-7043-2: cups-filters vulnerability
USN-7043-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. I...
USN-7043-2 cups-filters vulnerability
USN-7043-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. I...
USN-7041-2 cups vulnerability
USN-7041-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate P...
USN-7041-2: CUPS vulnerability
USN-7041-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate P...
The vulnerability of the cups-browsed daemon on print servers in CUPS allows a attacker to execute arbitrary code and expose sensitive information.
The vulnerability of the cups-browsed server on CUPS printing systems is related to the use of dangerous methods or functions. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely and disclose sensitive information by sending a specially crafted...
[SECURITY] Fedora 40 Update: cups-browsed-2.0.1-3.fc40
cups-browsed is a helper daemon, which automatically installs printers locally, provides load balancing and clustering of print queues. The daemon installs the printers based on found mDNS records and CUPS broadcast, or by polling a remote print server...
[SECURITY] Fedora 40 Update: libcupsfilters-2.1~b1-3.fc40
Libcupsfilters provides a library, which implements common functions used in cups-browsed daemon and printing filters, and additional files as banner templates and character sets. The filters are used in CUPS daemon and in printer applications...
[SECURITY] Fedora 39 Update: cups-browsed-2.0.1-3.fc39
cups-browsed is a helper daemon, which automatically installs printers locally, provides load balancing and clustering of print queues. The daemon installs the printers based on found mDNS records and CUPS broadcast, or by polling a remote print server...
[SECURITY] Fedora 39 Update: libcupsfilters-2.1~b1-3.fc39
Libcupsfilters provides a library, which implements common functions used in cups-browsed daemon and printing filters, and additional files as banner templates and character sets. The filters are used in CUPS daemon and in printer applications...
[SECURITY] Fedora 41 Update: cups-browsed-2.0.1-3.fc41
cups-browsed is a helper daemon, which automatically installs printers locally, provides load balancing and clustering of print queues. The daemon installs the printers based on found mDNS records and CUPS broadcast, or by polling a remote print server...
cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source
A security issue has been identified in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...
cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack
A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...
cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes
A flaw was found in OpenPrinting CUPS. In certain conditions, a remote attacker can add a malicious printer or directly hijack an existing printer by replacing the valid IPP URL with a malicious one. Also, it is possible that due to a lack of validation of IPP attributes returned by the server,...
Exploit for CVE-2024-47177
CUPS Honeypot Overview This project implements a honeypot...