[plug] new CUPS exploit or an old one?
Gavin Chester
gavinchester1 at hotmail.com
Mon May 16 13:31:33 WST 2005
On Mon, 2005-05-16 at 12:48 +0800, Mark O'Shea wrote:
> On Mon, May 16, 2005 12:26 pm, Gavin Chester said:
> > Several replies received in chron. order below:
> <--snip-->
> Lots of replies, but so far nobody seems to have looked at your log which
> says that it wasn't targetting your machine at all, it was a broadcast
> (255.255.255.255). This wouldn't be passed between clients of the ISP (we
> would hope, otherwise god help us all) and so must have come from your
> network.
I'll have to take your word on that because my network knowledge is low.
However, how does that fit with my observation given before that (quote
self) 1/ Nobody was sat in front of any PC on the LAN at the time and no
jobs were spooled for printing (... and despite that) ... AFAIK CUPS
would not run from an outside IP for local printing and any machine
using CUPS locally would only use the local IP designated to this PC of
192.168.0.254, surely? (end quote).
Maybe this whole episode is part of CUPS workings that remains a mystery
to me?
Regards, Gavin.
More information about the plug
mailing list