Demonstrating the New Linux Exploit (9.9 CVSS)

A deep dive into CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177. A remote, unauthenticated attacker can silently replace existing printers with a malicious one, or install new malicious ones, resulting in arbitrary command execution (on the computer) when a print job is started.

Timestamps:
0:00 - Introduction
1:45 - Vulnerability Overview
5:50 - Shodan Impact
7:04 - What is CUPS?
8:15 - The Internet Printing Protocol (IPP)
10:00 - Proof of Concept
19:05 - Remote Code Execution
26:10 - Getting a Shell
32:20 - Mitigation

References:
- https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
- https://www.phoronix.com/news/Linux-CVSS-9.9-Rating
- https://github.com/RickdeJager/cupshax/