The CUPS explout is here: GitHub - RickdeJager/cupshax
github.com
I hope this goes without saying but please do not run this on machines you don't own.
The good news:
- the exploit seems to require user action
The bad news:
-
Device Firewalls are ineffective against this
-
if someone created a malicious printer on a local network like a library they could create serious issues
-
it is hard to patch without breaking printing
-
it is very easy to create printers that look legit
-
even if you don't hit print the cups user agent can reveal lots of information. This may be blocked at the Firewall
TLDR: you should be careful hitting print
You are viewing a single comment
CUPS facing the public internet sounds a bit crazy. Why would you print when not physicly near the printer?
I think this would likely be most troublesome on some of the OG internet users that got a whole freaking /8, /10, or /12 or something like AT&T or universities. Up until very recently, and possibly even to the present, these organizations had such large IPv4 space, that there was no need to do NAT, and each device had a publicly addressable IP.
https://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks
Everything would still be behind a firewall though
everything should be behind a firewall