Content for cups-browsed vulnerability chain detection/mitigation

This weekend, I created some content for finding vulnerable cups-browsed configurations. Additionally, I created a Fixlet to stop and disable the cups-browsed service on Linux systems. There is also a second Fixlet for editing /etc/cups/cups-browsed.conf and removing the remote browsing protocols that contribute to this chain.

Tested on Ubuntu and Oracle Enterprise Linux, but should work on any systemd-enabled system.

3 Likes