Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : cups-1.6.3-51.el7 (AXSA:2020-557:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-557:05 advisory. cups: DNS rebinding attacks via incorrect whitelist CVE-2017-18190 cups: stack-buffer-overflow in libcups's asn1gettype function CVE-2019-8675 cups:...

8.8CVSS7.9AI score0.02979EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2018:0604-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.02979EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2020/10/21 12:0 a.m.32 views

Scientific Linux Security Update : cups on SL7.x x86_64 (20201001)

Security Fixes : - cups: DNS rebinding attacks via incorrect whitelist CVE-2017-18190 - cups: stack-buffer-overflow in libcups's asn1gettype function CVE-2019-8675 - cups: stack-buffer-overflow in libcups's asn1getpacked function CVE-2019-8696 C Tenable Network Security, Inc. The descriptive text...

8.8CVSS6.2AI score0.02979EPSS
Exploits1References4
Cent OS
Cent OS
added 2020/10/20 5:51 p.m.605 views

cups security update

CentOS Errata and Security Advisory CESA-2020:3864 An update for cups is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8CVSS6.6AI score0.02979EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2020/10/07 12:0 a.m.26 views

Oracle Linux 7 : cups (ELSA-2020-3864)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3864 advisory. - 1823758 - CVE-2017-18190 cups: DNS rebinding attacks via incorrect whitelist rhel-7 - 1774460 - CVE-2019-8696 cups: stack-buffer-overflow in libcupss...

8.8CVSS6.5AI score0.02979EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2018-1080)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02979EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2018-1079)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02979EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/07/09 12:0 a.m.26 views

Debian: Security Advisory (DLA-1412-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.02979EPSS
Exploits2References3
Debian
Debian
added 2018/07/03 7:0 p.m.35 views

[SECURITY] [DLA 1412-1] cups security update

Package : cups Version : 1.7.5-11+deb8u3 CVE ID : CVE-2017-18190 CVE-2017-18248 Two vulnerabilities affecting the cups printing server were found which can lead to arbitrary IPP command execution and denial of service. CVE-2017-18190 A localhost.localdomain whitelist entry in validhost in...

7.5CVSS7.1AI score0.02979EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2018/05/02 12:0 a.m.30 views

EulerOS 2.0 SP2 : cups (EulerOS-SA-2018-1080)

According to the versions of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - CUPS printing system provides a portable printing layer for UNIXAr operating systems. It has been developed by Apple Inc.to promote a standard...

7.5CVSS7.4AI score0.02979EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/03/14 12:0 a.m.17 views

openSUSE: Security Advisory for cups (openSUSE-SU-2018:0618-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.02979EPSS
Exploits1References2
OSV
OSV
added 2018/03/05 9:43 a.m.7 views

SUSE-SU-2018:0604-1 Security update for cups

This update for cups fixes the following issues: - CVE-2017-18190: Removed localhost.localdomain from list of trustworthy hosts in scheduler/client.c to avoid arbitrary IPP command execution in conjunction with DNS rebinding. bsc1081557...

7.5CVSS7.8AI score0.02979EPSS
Exploits1References3
Mageia
Mageia
added 2018/02/26 11:40 p.m.46 views

Updated cups packages fix security vulnerability

Updated cups packages fix security vulnerability: Jann Horn discovered that CUPS permitted HTTP requests with the Host header set to "localhost.localdomain" from the loopback interface. If a user were tricked in to opening a specially crafted website in their web browser, an attacker could...

7.5CVSS0.9AI score0.02979EPSS
Exploits1References2
Debian
Debian
added 2018/02/22 3:20 p.m.21 views

[SECURITY] [DLA 1288-1] cups security update

Package : cups Version : 1.5.3-5+deb7u7 CVE ID : CVE-2017-18190 It was discovered that there was an issue in the CUPS printer framework where remote attackers could execute arbitrary commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. This was caused by a...

7.5CVSS8AI score0.02979EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/02/21 12:5 a.m.55 views

USN-3577-1: CUPS vulnerability

Jann Horn discovered that CUPS permitted HTTP requests with the Host header set to "localhost.localdomain" from the loopback interface. If a user were tricked in to opening a specially crafted website in their web browser, an attacker could potentially exploit this to obtain sensitive information...

7.5CVSS6.8AI score0.02979EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/02/21 12:0 a.m.35 views

Ubuntu: Security Advisory (USN-3577-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02979EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/02/21 12:0 a.m.30 views

Ubuntu 14.04 LTS / 16.04 LTS : CUPS vulnerability (USN-3577-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3577-1 advisory. Jann Horn discovered that CUPS permitted HTTP requests with the Host header set to localhost.localdomain from the loopback interface. If a user were...

7.5CVSS6.8AI score0.02979EPSS
Exploits1References2
NVD
NVD
added 2018/02/16 5:29 p.m.16 views

CVE-2017-18190

A localhost.localdomain whitelist entry in validhost in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS serve...

7.5CVSS7.8AI score0.02979EPSS
Exploits1References5
CVE
CVE
added 2018/02/16 5:0 p.m.651 views

CVE-2017-18190

CVE-2017-18190 affects the CUPS printing system. Connected sources confirm a vulnerability where a localhost.localdomain whitelist entry in valid_host() (scheduler/client.c) in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon ...

7.5CVSS7.8AI score0.02979EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder