![]() Only use this fix if you have looked through the sectionĪbove, and Option 5 is the only option you’re able to implement. Q How do I manually replace the pc-pdl-to-image.exe binary? How do I manually replace the pc-pdl-to-image.exe binary? If none of the above suit your environment, you can download a fixed version of the pc-pdl-to-image.exe and replace it on your Application Server. If you’re unable to upgrade to version 23.0.1 or later, and you need to continue using Print Archiving, and you don’t want to install GhostTrap, then you can create a directory on your Application Server file system: C:\gs\bin and remove write permissions for all accounts except administrators. If you’re unable to upgrade to version 23.0.1 or later, and you need to continue using Print Archiving, then ensure ghostTrap is installed in C:\Program Files\GhostTrap. If you’re unable to upgrade to version 23.0.1 or later, and turning off Print Archiving is an option, you can switch that off under Options > General > Print Archiving, then uncheck Enable Print Archiving. Upgrade your Application Server to version 23.0.1 or later (see How do I tell if my Application Server is at risk?Īre true, there are several options to mitigate this vulnerability: ![]() If you’re unable to immediately update to 23.0.1 or later, there are other mitigation options listed below under How do I mitigate this vulnerability? Linux or macOS platforms are not impacted.Īre there any other mitigations available? Note that this only impacts Application Servers running on Windows platforms. PaperCut NG/MF Direct Print Monitors (Print Providers).PaperCut NG/MF secondary servers (Print Providers).Which PaperCut components or products are NOT impacted? Which PaperCut MF or NG components are impacted? Print Archiving feature is enabled, without GhostTrap installed.Īpplication Servers running version 23.0.1 or later.PaperCut NG/MF Application Servers where all of the following are true: ![]() , and published this security bulletin including details of the manual mitigation. We have now retroactively added the release note for PIE-547 into the ![]() This delay was so that customers can have a head-start on upgrading to a non-vulnerable version. This security bulletin and information about CVE-2023-6006 was then published on 14th November 2023. We publicly released PaperCut MF and NG version 23.0.1 on 31st October, 2023. While the Trend Micro advisory may only mention PaperCut NG, we have confirmed that this impacts both PaperCut NG and PaperCut MF (see Note: Trend Micro are looking to publicly disclose additional information about this. This vulnerability has been rated with a CVSS score of 6.4: (CVSSv3 Vector:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |