Public bug reported:

Binary package hint: cupsys

I just found out cups is set up to listen to HTTP requests on port 631.
Some commands require authentication but others don't, which I guess can
be exploited. Take for example this HTML code:

<html>
<body>
Testing.
<img src="http://localhost:631/printers/DeskJet-XXX?op=print-test-page">
</body>
</html>

If you have a printer with the given model, browsing to this page will
make cups print a test page.

Of course, this code can be extended to include a list of multiple
models, other operations, etc. Even operations which need authentication
can be exploited if the username and password are cached.

** Affects: cupsys (Ubuntu)
     Importance: Undecided
         Status: Unconfirmed

-- 
[feisty] web vulnerability 
https://bugs.launchpad.net/bugs/106245
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
[EMAIL PROTECTED]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
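
One way a web handler can refuse the cross-site request described in the report, as an added example (not code from the report or from CUPS). The names check_request, STATE_CHANGING_OPS and csrf_token are hypothetical, and the per-session token scheme is an assumption.

```python
import hmac
from urllib.parse import urlsplit, parse_qs

# Assumption: the set of operations with side effects. Only
# print-test-page is named in the report.
STATE_CHANGING_OPS = {"print-test-page"}


def same_origin(headers):
    """True when Origin (or, failing that, Referer) names the host in Host."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False  # no evidence the request came from our own pages
    return urlsplit(source).netloc == headers.get("Host")


def check_request(method, url, headers, form, session_token):
    """Return (allowed, reason) for a request to a hypothetical admin handler."""
    query = parse_qs(urlsplit(url).query)
    op = query.get("op", [None])[0] or form.get("op")
    if op not in STATE_CHANGING_OPS:
        return True, "read-only request"
    # An <img src=...> tag can only issue GET, so side effects are POST-only.
    if method != "POST":
        return False, "state-changing operation requested with " + method
    # A form posted from another site carries that site's Origin.
    if not same_origin(headers):
        return False, "request did not originate from this server's own pages"
    # The token is tied to the session, so a third-party page cannot supply
    # it even when the browser has cached the user's credentials.
    token = form.get("csrf_token", "")
    if not hmac.compare_digest(token.encode(), session_token.encode()):
        return False, "missing or wrong anti-CSRF token"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample: the image request from the report, as the browser
    # would send it while rendering a page hosted elsewhere.
    print(check_request(
        "GET",
        "/printers/DeskJet-XXX?op=print-test-page",
        {"Host": "localhost:631", "Referer": "http://example.test/page.html"},
        {},
        "constructed-session-token",
    ))
```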
