Comment 3 for bug 106245

Please elaborate about this. By default, cupsd only listens on localhost. Local users can do printing operations much easier.

On top of that, administrative operations are restricted to localhost:

  # Restrict access to the admin pages...
  <Location /admin>
    Order allow,deny
    Allow localhost
  </Location>

If you manually enable cupsd to listen on all ports (as gnome-cups-manager's 'Share printer' menu option), remote printing is probably exactly what you want. :)

So, what is the vulnerability here?