[plug] new CUPS exploit or an old one?
Daniel J. Axtens
danielax at gmail.com
Mon May 16 11:02:17 WST 2005
> Eftel is my ISP, so am I right in believing that it looks like someone
> on my ISP network is trying to exploit me?
>
> Should I be worried?
>
> Should I send a complaint to their abuse at paradox.net.au ?
Couldn't the IP address be spoofed? (i.e. the address is not the real
address of the exploiter.)
This would make it rather pointless to send a complaint to paradox, as
they wouldn't be responsible.
Just wondering.
HTH,
Daniel Axtens
On 5/15/05, Gavin Chester <gavinchester1 at hotmail.com> wrote:
> Is there a new exploit via CUPS that anyone knows about? I am running
> CUPS 1.1.22, which is one version behind the latest stable, on a FC3
> system. I googled and found no news of anything new and I should be okay
> since this version is newer than the version given after the last cups
> security advisory in Jan 2005. Nevertheless, I saw an attempt to use
> CUPS for the first time as shown in this packet capture in my ethereal
> logs this morning:
>
>--snip--
>
> Eftel is my ISP, so am I right in believing that it looks like someone
> on my ISP network is trying to exploit me?
>
> Should I be worried?
>
> Should I send a complaint to their abuse at paradox.net.au ?
>
> Your experienced hacker opinions welcomed :-)
>
> Regards, Gavin.
>
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
>
--
Neuronstorm: neuronstorm.sourceforge.net
The Neuronstorm Blog: leinad-golb.blogspot.com
More information about the plug
mailing list