Leaflet@lemmy.world to Linux@lemmy.mlEnglish · 2 months agoAttacking UNIX Systems via CUPS, Part I | CUPS Remote Code Executionwww.evilsocket.netexternal-linkmessage-square29fedilinkarrow-up1102arrow-down10file-textcross-posted to: cybersec@fed.dyne.org
arrow-up1102arrow-down1external-linkAttacking UNIX Systems via CUPS, Part I | CUPS Remote Code Executionwww.evilsocket.netLeaflet@lemmy.world to Linux@lemmy.mlEnglish · 2 months agomessage-square29fedilinkfile-textcross-posted to: cybersec@fed.dyne.org
minus-squaremasterofn001@lemmy.calinkfedilinkarrow-up3·2 months agoThey’re standardised zeroconnf protocols. Apple was part of the early development. Bonjour is the apple implementation for mDNS. Avahi is the GPL compliant implementation. mDNS, llmnr (ms developed), have been known for ages to be vulnerable. https://en.m.wikipedia.org/wiki/Zero-configuration_networking#Standardization *I don’t like apple
minus-squaremasterofn001@lemmy.calinkfedilinkarrow-up1·edit-22 months agohttps://duckduckgo.com/?q=mdns+vulnerability&t=fpas&ia=web https://book.hacktricks.xyz/generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks
They’re standardised zeroconnf protocols. Apple was part of the early development.
Bonjour is the apple implementation for mDNS.
Avahi is the GPL compliant implementation.
mDNS, llmnr (ms developed), have been known for ages to be vulnerable.
https://en.m.wikipedia.org/wiki/Zero-configuration_networking#Standardization
*I don’t like apple
To be vulnerable to what?
https://duckduckgo.com/?q=mdns+vulnerability&t=fpas&ia=web
https://book.hacktricks.xyz/generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks