A Python-based scanner for identifying instances of the CUPS (Common Unix Printing System) that are vulnerable to CVE-2024-47176 and related vulnerabilities, which could lead to remote code execution. The tool sends specially crafted UDP packets to target IP ranges, setting up a server to capture callbacks from potentially vulnerable systems.
Under certain conditions, attackers can chain vulnerabilities in multiple components of the CUPS printing system to execute arbitrary code remotely on Linux machines, but the service is usually not enabled by default, mitigating the risk.
- CVE-2024-47076 (libcupsfilters)
- CVE-2024-47175 (libppd),
- CVE-2024-47176 (cups-browsed)
- CVE-2024-47177 (cups-filters)
"discovered by Simone Margaritelli, these security flaws don't affect systems in their default configuration."
- CVE-2024-47076 (libcupsfilters)
- CVE-2024-47175 (libppd),
- CVE-2024-47176 (cups-browsed)
- CVE-2024-47177 (cups-filters)
"discovered by Simone Margaritelli, these security flaws don't affect systems in their default configuration."
