• mox@lemmy.sdf.org
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    1 month ago

    Either of these commands will reveal processes listening on the port that’s vulnerable by default:

    $ sudo lsof -i :631
    
    $ sudo fuser -v 631/tcp 631/udp
    

    The wording of this post gives me the impression that it could exploited even if you don’t have any such processes, if your system contacts a malicious or compromised print server. I would avoid browsing or using printers on unsafe networks until this is patched.

    The port 631 process just makes it worse, by allowing someone else to initiate that contact remotely.