this post was submitted on 27 Sep 2024
42 points (100.0% liked)

Linux

5362 readers
116 users here now

A community for everything relating to the linux operating system

Also check out !linux_memes@programming.dev

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 1 year ago
MODERATORS
 

cross-posted from: https://ani.social/post/6217644

you are viewing a single comment's thread
view the rest of the comments
[–] mox@lemmy.sdf.org 2 points 1 month ago* (last edited 1 month ago)

Either of these commands will reveal processes listening on the port that's vulnerable by default:

$ sudo lsof -i :631
$ sudo fuser -v 631/tcp 631/udp

The wording of this post gives me the impression that it could exploited even if you don't have any such processes, if your system contacts a malicious or compromised print server. I would avoid browsing or using printers on unsafe networks until this is patched.

The port 631 process just makes it worse, by allowing someone else to initiate that contact remotely.