CVE-2017-18190
Description
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1).
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.7
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Common UNIX Printing System(tm) (USN-3577-1) cups_1.7.2-0ubuntu1.9_i386.deb | Linux |
| Common UNIX Printing System(tm) (USN-3577-1) cups_1.7.2-0ubuntu1.9_amd64.deb | Linux |
| Common UNIX Printing System(tm) (USN-3577-1) cups_2.1.3-4ubuntu0.4_i386.deb | Linux |
| Common UNIX Printing System(tm) (USN-3577-1) cups_2.1.3-4ubuntu0.4_amd64.deb | Linux |
| SUSE-SU-2018:0604-1(SUSE Linux Enterprise Desktop 12-SP2 ) cups-1.7.5-20.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:0604-1(SUSE Linux Enterprise Desktop 12-SP2 ) cups-client-1.7.5-20.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:0604-1(SUSE Linux Enterprise Desktop 12-SP2 ) cups-client-debuginfo-1.7.5-20.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:0604-1(SUSE Linux Enterprise Desktop 12-SP2 ) cups-debuginfo-1.7.5-20.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:0604-1(SUSE Linux Enterprise Desktop 12-SP2 ) cups-debugsource-1.7.5-20.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:0604-1(SUSE Linux Enterprise Desktop 12-SP2 ) cups-libs-1.7.5-20.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:0604-1(SUSE Linux Enterprise Desktop 12-SP2 ) cups-libs-32bit-1.7.5-20.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:0604-1(SUSE Linux Enterprise Desktop 12-SP2 ) cups-libs-debuginfo-1.7.5-20.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:0604-1(SUSE Linux Enterprise Desktop 12-SP2 ) cups-libs-debuginfo-32bit-1.7.5-20.3.1.x86_64.rpm | Linux |
| (RHSA-2020:3864) cups security and bug fix update cups-1.6.3-51.el7.x86_64.rpm | Linux |
| (RHSA-2020:3864) cups security and bug fix update cups-client-1.6.3-51.el7.x86_64.rpm | Linux |
| (RHSA-2020:3864) cups security and bug fix update cups-devel-1.6.3-51.el7.i686.rpm | Linux |
| (RHSA-2020:3864) cups security and bug fix update cups-devel-1.6.3-51.el7.x86_64.rpm | Linux |
| (RHSA-2020:3864) cups security and bug fix update cups-filesystem-1.6.3-51.el7.noarch.rpm | Linux |
| (RHSA-2020:3864) cups security and bug fix update cups-ipptool-1.6.3-51.el7.x86_64.rpm | Linux |
| (RHSA-2020:3864) cups security and bug fix update cups-libs-1.6.3-51.el7.i686.rpm | Linux |
| (RHSA-2020:3864) cups security and bug fix update cups-libs-1.6.3-51.el7.x86_64.rpm | Linux |
| (RHSA-2020:3864) cups security and bug fix update cups-lpd-1.6.3-51.el7.x86_64.rpm | Linux |
| (CESA-2020:3864) cups security and bug fix update cups-1.6.3-51.el7.x86_64.rpm | Linux |
| (CESA-2020:3864) cups security and bug fix update cups-client-1.6.3-51.el7.x86_64.rpm | Linux |
| (CESA-2020:3864) cups security and bug fix update cups-devel-1.6.3-51.el7.x86_64.rpm | Linux |
| (CESA-2020:3864) cups security and bug fix update cups-filesystem-1.6.3-51.el7.noarch.rpm | Linux |
| (CESA-2020:3864) cups security and bug fix update cups-ipptool-1.6.3-51.el7.x86_64.rpm | Linux |
| (CESA-2020:3864) cups security and bug fix update cups-libs-1.6.3-51.el7.x86_64.rpm | Linux |
| (CESA-2020:3864) cups security and bug fix update cups-lpd-1.6.3-51.el7.x86_64.rpm | Linux |
| Authentication Bypass by Spoofing Vulnerability (CVE-2017-18190) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234