← voltar
CVE-2024-47176

cups-browsed binds to `INADDR_ANY:631`, trusting any packet from any source

CVSS 5.3 MEDIUMEPSS 62.3%CWE-1327
Em resumo

O cups-browsed escuta em todas as interfaces de rede (INADDR_ANY) na porta 631 e aceita informações de impressoras de qualquer origem sem verificação. Um atacante pode enviar dados maliciosos de impressora para ativar caminhos de código vulneráveis que, combinados com outras falhas, podem levar à execução remota de comandos.

Detalhe técnico

O cups-browsed se liga a INADDR_ANY:631 e processa pacotes IPP (Internet Printing Protocol) não confiáveis sem validação de origem, permitindo que um atacante na rede envie requisições crafted Get-Printer-Attributes. Esta exposição de rede, combinada com o encadeamento das vulnerabilidades CVE-2024-47076, CVE-2024-47175 e CVE-2024-47177, possibilita execução remota de código quando um usuário interage com um anúncio de impressora malicioso.

Resumo gerado e traduzido por IA a partir da descrição oficial.
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Produtos afetados
OpenPrinting · cups-browsed

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/OpenPrinting/cups-browsed/blob/master/daemon/cups-browsed.c#L13992https://github.com/OpenPrinting/cups-browsed/commit/1debe6b140c37e0aa928559add4abcc95ce54aa2https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6https://lists.debian.org/debian-lts-announce/2024/09/msg00048.htmlhttps://security.netapp.com/advisory/ntap-20241011-0001/https://www.cups.orghttps://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-Ihttp://www.openwall.com/lists/oss-security/2024/09/27/6http://www.openwall.com/lists/oss-security/2025/09/11/2