Sep 27, 2024 Ravie LakshmananLinux / Vulnerability
A brand new safety vulnerability has been disclosed within the OpenPrinting Commonplace Unix Printing Gadget (CUPS) on Linux techniques that might permit far flung command execution underneath positive prerequisites. “An unauthorized far flung attacker can silently trade the printer’s current (or set up new) IPP urls and different malicious ones, leading to a ban (at the pc) when the printing procedure begins (from that pc),” safety researcher Simone. Margaritelli stated. CUPS is a proprietary, open supply machine for Linux and different Unix running techniques, together with ArchLinux, Debian, Fedora, Pink Hat Undertaking Linux (RHEL), ChromeOS, FreeBSD, NetBSD, OpenBSD, openSUSE, and SUSE Linux. . The record of vulnerabilities is as follows – CVE-2024-47176 – browser caps <= 2.0.1 builds on UDP INADDR_ANY:631 depending on any packet from any supply to begin a Get-Printer-Attributes IPP request to an attacker-controlled URL. CVE-2024-47076 - libcupsfilters <= 2.1b1 cfGetPrinterAttributes5 does now not validate or blank the IPP attributes returned from the IPP server, offering maliciously managed information to all the CUPS machine CVE-2024-47175 - libppdCPPreb2 does now not validate or blank the IPP attributes when writing them to the transient PPD report, permitting attacker-controlled information injection into PPD CVE-2024-47177 - cap filters <= 2.0.1 foomatic-rip permits arbitrary execution. by way of the FoomaticRIPCommandLine PPD parameter The results of this flaw is that it may be evolved into an exploit chain that permits an attacker to create a malicious, faux printer instrument on a networked Linux gadget working CUPS and execute far flung code when sending a print process.
“This factor is brought about via deficient dealing with of ‘New Printer To be had’ bulletins within the ‘caps-not-browsable’ box, mixed with unsuitable validation and ‘caps’ of knowledge equipped via a malicious printing instrument,” community safety company Ontinue stated. “The vulnerability is brought about via inadequate authentication of community information, permitting attackers to create a inclined gadget to put in a malicious motive force, and ship a print process to the motive force this is executing the malicious code. The lp person – now not the superuser ‘root.'” RHEL, in an advisory, stated. all varieties of operations are suffering from the 4 mistakes, however they have got learned that they aren’t prone to their immutability. It put the tales at a prime precedence for the dry, since the true global enjoy may also be low.
“Through linking this set of threats in combination, an attacker can execute far flung code execution that may end up in the robbery of vital information and/or the destruction of complicated manufacturing techniques,” it stated. Cybersecurity corporate Rapid7 stated that the affected machine can be utilized, both from the general public Web or from the Web, provided that UDP port 631 is to be had and the inclined provider is listening. Palo Alto Networks has disclosed that none of its merchandise and cloud products and services comprise the aforementioned instrument associated with CUPS, so they aren’t suffering from the issues. Patches for the vulnerabilities are these days being evolved and are anticipated to be launched within the coming days. Till then, it is a good suggestion to forestall and take away cup surfing if now not essential, and block or block visitors to UDP port 631. It is only a small machine impact,” Benjamin Harris, CEO of WatchTowr, stated in a commentary shared with The Hacker Information.
“With this in thoughts, although the technical boundaries are vital, it’s a long way much less most likely {that a} desktop/workstation with CUPS shall be uncovered to the Web in the similar manner that Linux servers can be.” Satnam Narang, senior group of workers researcher at Tenable, stated those vulnerabilities aren’t on the stage of Log4Shell or Heartbleed. “The reality is that during quite a lot of techniques, whether or not they’re open or closed, there are lots of issues that experience now not been found out and disclosed,” stated Narang. “Safety analysis is essential on this regard and we will and must search higher answers from instrument distributors.” “For organizations which are suffering from those fresh issues, you will need to spotlight that the vulnerabilities which are most influenced are recognized issues that proceed for use via risk teams with world family members, and related to ransomware. which robs organizations of hundreds of thousands of greenbacks once a year .”
Did you in finding this text attention-grabbing? Apply us on Twitter and LinkedIn to learn extra of our content material.
