The issue is that because this service binds to 0.0.0.0, which on Linux means all IP addresses and interfaces, it also discovers printers over the internet if the port is not blocked in the system firewall. How big is this problem? Margaritelli scanned the internet for a couple of weeks for devices listening on UDP 631 and found hundreds of thousands, with peaks of 200-300K concurrent devices.
While there are likely hundreds of millions of Linux devices on the internet, so that number might not seem high, it is certainly big enough for a very powerful botnet if they were to be compromised. Also, as attackers have proven time and time again, getting a foothold inside a network is not that difficult, and from there this issue can potentially be exploited for lateral movement.
“Well it turns out that while you could configure who can and who can’t connect by editing the /etc/cups/cups-browsed.conf configuration file… the default configuration file, on pretty much any system, is entirely commented out and simply allows anyone,” the researcher said.
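A host can be checked for the two conditions described above, a UDP 631 socket bound to all interfaces and a cups-browsed.conf with no active access rule. The following is an added example, not code from the researcher or the CUPS project; the sample inputs are constructed, and on a live system the text would come from /etc/cups/cups-browsed.conf and /proc/net/udp (assumed here to be the sources).

```python
# Added audit example; both samples below are constructed, not captured from a real host.

# Constructed sample: a cups-browsed.conf in which every directive is commented out.
SAMPLE_CONF = """\
# BrowseRemoteProtocols dnssd cups
# BrowseAllow 192.168.0.0/24
#BrowseDeny All
"""

# Constructed sample in /proc/net/udp layout: one wildcard socket on port 0x0277 (631).
SAMPLE_PROC = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
  17: 00000000:0277 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 23456
  18: 0100007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000   101        0 23457
"""

def active_directives(conf_text):
    """Return (name, value) for every line that is neither blank nor a comment."""
    out = []
    for line in conf_text.splitlines():
        parts = line.split(None, 1)
        if parts and not parts[0].startswith("#"):
            out.append((parts[0], parts[1].strip() if len(parts) > 1 else ""))
    return out

def wildcard_listeners(proc_text, port=631):
    """Return local_address fields bound to the all-zero address on the UDP port."""
    hits = []
    for line in proc_text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 2:
            continue
        addr, _, hexport = fields[1].partition(":")
        if int(hexport, 16) == port and set(addr) == {"0"}:
            hits.append(fields[1])
    return hits

def audit(conf_text, proc_text):
    """List findings; /proc/net/udp does not name the owning process, so confirm it."""
    findings = []
    if wildcard_listeners(proc_text):
        findings.append("UDP 631 is bound to all interfaces")
    names = {name.lower() for name, _ in active_directives(conf_text)}
    if not names & {"browseallow", "browsedeny"}:
        findings.append("no active BrowseAllow/BrowseDeny rule")
    return findings

if __name__ == "__main__":
    print("\n".join("FINDING: " + f for f in audit(SAMPLE_CONF, SAMPLE_PROC)))
```

A finding on the socket alone still matters when the firewall does not block the port, since the bind address decides which interfaces accept the packets.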