Количество 13
Количество 13
BDU:2024-07643
Уязвимость демона cups-browsed сервера печати CUPS, позволяющая нарушителю выполнить произвольный код и раскрыть защищаемую информацию
CVE-2024-47176
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
CVE-2024-47176
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
CVE-2024-47176
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
CVE-2024-47176
CUPS is a standards-based, open-source printing system, and `cups-brow ...
SUSE-SU-2024:3523-1
Security update for cups-filters
SUSE-SU-2024:3711-1
Security update for cups-filters
SUSE-SU-2024:3570-1
Security update for cups-filters
RLSA-2024:7463
Important: cups-filters security update
RLSA-2024:7346
Important: cups-filters security update
ELSA-2024-7463
ELSA-2024-7463: cups-filters security update (IMPORTANT)
ELSA-2024-7346
ELSA-2024-7346: cups-filters security update (IMPORTANT)
ELSA-2024-7553
ELSA-2024-7553: cups-filters security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-07643 Уязвимость демона cups-browsed сервера печати CUPS, позволяющая нарушителю выполнить произвольный код и раскрыть защищаемую информацию | CVSS3: 9 | 87% Высокий | около 1 года назад |
 | CVE-2024-47176 CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to. | CVSS3: 5.3 | 87% Высокий | около 1 года назад |
 | CVE-2024-47176 CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to. | CVSS3: 7.5 | 87% Высокий | около 1 года назад |
 | CVE-2024-47176 CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to. | CVSS3: 5.3 | 87% Высокий | около 1 года назад |
| CVE-2024-47176 CUPS is a standards-based, open-source printing system, and `cups-brow ... | CVSS3: 5.3 | 87% Высокий | около 1 года назад |
 | SUSE-SU-2024:3523-1 Security update for cups-filters | 87% Высокий | около 1 года назад | |
| SUSE-SU-2024:3711-1 Security update for cups-filters | около 1 года назад | ||
| SUSE-SU-2024:3570-1 Security update for cups-filters | около 1 года назад | ||
 | RLSA-2024:7463 Important: cups-filters security update | около 1 года назад | ||
| RLSA-2024:7346 Important: cups-filters security update | около 1 года назад | ||
| ELSA-2024-7463 ELSA-2024-7463: cups-filters security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-7346 ELSA-2024-7346: cups-filters security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-7553 ELSA-2024-7553: cups-filters security update (IMPORTANT) | 12 месяцев назад |
Уязвимостей на страницу