“A remote unauthenticated attacker can silently replace existing printers’ (or install new ones) IPP urls with a malicious one, resulting in arbitrary command execution (on the computer) when a print job is started (from that computer).”
Just spent some time removing CUPS from my Linux servers where it is not needed and only added to my attack surface. What other services should be removed from Linux servers?
You must log in or register to comment.