Critical RCE Vulnerabilities Found in Common Unix Printing System
The newly identified vulnerabilities exploit improper input validation when managing printer requests over the network
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The newly identified vulnerabilities exploit improper input validation when managing printer requests over the network
Exploitation Requires Victim to Print On Rogue PrinterAttackers can exploit a series of vulnerabilities in the OpenPrinting Common Unix Printing System utility to remotely execute arbitrary code on certain machines. Major Linux distributions reacted Friday by releasing patches. Exploitation requires a victim to attempt to print from a malicious device.
Path Traversal Flaw Allows Malicious Actors to Exploit Kyocera's Device ManagerResearchers found a path traversal vulnerability in Kyocera's Device Manager product, which is used for overseeing large printer fleets in mid- to large-sized enterprises. Attackers could exploit the flaw to obtain NTLM hashes by changing the location of a backup database.
A nasty SSRF bug in Web Services plagues a laundry list of enterprise printers.