%term

The CUPS Vulnerability- The 443 Podcast - Episode 308

Sep 30, 2024 By WatchGuard In WatchGuard

This week on the podcast, we cover the "9.9/10 severity vulnerability affecting most Linux systems" that a researcher disclosed last week and what it means for Linux systems administrators. We then discuss a research post into Kia's remote control systems that allowed one researcher to compromise any Kia in the last decade by just knowing their license plate number. We end with a new act that was just introduced into the US Senate with a goal to secure the healthcare industry.

View Video

WatchGuard

Read more about The CUPS Vulnerability- The 443 Podcast - Episode 308

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177

Sep 30, 2024 By Trustwave In Trustwave

On September 26, 2024, security researcher Simone Margaritellidisclosed the details of four OpenPrinting Common UNIX Printing System (CUPS) vulnerabilities, that, when chained together, can allow malicious actors to launch remote code execution (RCE) attacks on vulnerable systems. CUPS is a widely used, open-source printing system that supports Linux and other Unix-like operating systems. It also supports ChromeOS and macOS.

Read Post

Trustwave

Read more about What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177

Detecting and Mitigating Remote Code Execution Exploits in CUPS

Sep 29, 2024 By Michael Clark In Sysdig

On September 26th, 2024, details were released about several vulnerabilities in the Common Unix Printing System (CUPS) package. A total of four CVE’s (CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177) have been released, affecting many Unix and Linux distributions. Three of the vulnerabilities are rated High, while one is rated Critical. If left unpatched, a remote attacker is able to execute arbitrary commands on the affected system.

Read Post

Sysdig

Read more about Detecting and Mitigating Remote Code Execution Exploits in CUPS

Stealing Data via Cross Site Scripting

Sep 29, 2024 By Snyk In Snyk

Watch the full video for more...

View Video

Snyk

Read more about Stealing Data via Cross Site Scripting

CUPS: Unraveling a Critical Vulnerability Chain in Unix Printing Systems

Sep 28, 2024 By Amit Schendel In ARMO

A series of critical vulnerabilities has been uncovered in the Common Unix Printing System (CUPS), specifically in the cups-browsed component and related libraries. This vulnerability chain allows remote, unauthenticated attackers to potentially execute arbitrary code with root privileges on affected systems. The discovery highlights significant security risks in a widely-used open-source component and raises crucial questions about legacy system support and security in modern IT environments.

Read Post

ARMO

Read more about CUPS: Unraveling a Critical Vulnerability Chain in Unix Printing Systems

Fix Cross Site Scripting Vulnerability with Snyk

Sep 28, 2024 By Snyk In Snyk

Watch the full video for more...

View Video

Snyk

Read more about Fix Cross Site Scripting Vulnerability with Snyk

Multiple Vulnerabilities Disclosed in Linux-based CUPS Printing Service

Sep 27, 2024 By Stefan Hostetler In Arctic Wolf

On September 26, 2024, a security researcher disclosed several vulnerabilities affecting Common UNIX Printing System (CUPS) within GNU/Linux distributions. CUPS is an open-source printing system that allows Unix-like operating systems, including Linux and MacOS, to manage printers and print jobs across local and networked environments. The newly identified CUPS vulnerabilities identified are.

Read Post

Arctic Wolf

Read more about Multiple Vulnerabilities Disclosed in Linux-based CUPS Printing Service

Friday Flows episode 36: Using Tines Workbench for asset and vulnerability management

Sep 27, 2024 By Tines In Tines

Michael Tolan from Tines Labs returns with Cameron for another episode on Tines Workbench. In case you missed it, Workbench is a Tines-powered AI chat interface where you can take action and access proprietary data in real-time, privately and securely. This episode leverages Workbench to make a tedious process extremely simple to handle. For any teams spending a lot of time on asset and vulnerability management, this is a must-watch!

View Video

Tines

Read more about Friday Flows episode 36: Using Tines Workbench for asset and vulnerability management

Zero-day RCE vulnerability found in CUPS - Common UNIX Printing System

Sep 27, 2024 By Jim Armstrong In Snyk

On September 27, 2024, evilsocket.net (Simone Margaritelli) published information about several vulnerabilities in CUPS (Common UNIX Printing System), which can allow for arbitrary remote code execution (RCE). There are currently 4 CVEs associated with these findings, with potentially more on the way. There is also some debate about the severity of these vulnerabilities, however, one of the CVEs was initially given a CVSS score of 9.9. We will update this blog if new information becomes available.

Read Post