Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2017-18190
HistoryFeb 16, 2018 - 12:00 a.m.

CVE-2017-18190

2018-02-1600:00:00
ubuntu.com
ubuntu.com
20

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.003

Percentile

70.6%

JSON

A localhost.localdomain whitelist entry in valid_host() in
scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute
arbitrary IPP commands by sending POST requests to the CUPS daemon in
conjunction with DNS rebinding. The localhost.localdomain name is often
resolved via a DNS server (neither the OS nor the web browser is
responsible for ensuring that localhost.localdomain is 127.0.0.1).

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchcups< 1.7.2-0ubuntu1.9UNKNOWN
ubuntu16.04noarchcups< 2.1.3-4ubuntu0.4UNKNOWN

Related

openvas 10
nessus 20
osv 3
debian 2
redhatcve 1
prion 1
mageia 1
cvelist 1
f5 1
cve 1
ubuntu 1
veracode 1
suse 2
alpinelinux 1
debiancve 1
nvd 1
amazon 1
redhat 2
oraclelinux 1
centos 1
openvas
openvas
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2018-1079)
2020-01-23 00:00:00
Mageia: Security Advisory (MGASA-2018-0147)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-3577-1)
2018-02-21 00:00:00
nessus
nessus
EulerOS 2.0 SP1 : cups (EulerOS-SA-2018-1079)
2018-05-02 00:00:00
EulerOS 2.0 SP2 : cups (EulerOS-SA-2018-1080)
2018-05-02 00:00:00
openSUSE Security Update : cups (openSUSE-2018-225)
2018-03-07 00:00:00
osv
osv
CVE-2017-18190
2018-02-16 17:29:00
cups - security update
2018-02-22 00:00:00
cups - security update
2018-07-03 00:00:00
debian
debian
[SECURITY] [DLA 1288-1] cups security update
2018-02-22 15:20:39
[SECURITY] [DLA 1412-1] cups security update
2018-07-03 19:00:03
redhatcve
redhatcve
CVE-2017-18190
2019-05-14 11:52:20
prion
prion
Command injection
2018-02-16 17:29:00
mageia
mageia
Updated cups packages fix security vulnerability
2018-02-27 02:40:56
cvelist
cvelist
CVE-2017-18190
2018-02-16 17:00:00
f5
f5
K84301413 : CUPS vulnerability CVE-2017-18190
2022-07-21 00:00:00
cve
cve
CVE-2017-18190
2018-02-16 17:29:00
ubuntu
ubuntu
CUPS vulnerability
2018-02-21 00:00:00
veracode
veracode
Arbitrary IPP Command Execution
2018-04-23 06:43:13
suse
suse
Security update for cups (important)
2018-03-07 00:11:16
Security update for cups (important)
2018-03-05 15:11:52
alpinelinux
alpinelinux
CVE-2017-18190
2018-02-16 17:29:00
debiancve
debiancve
CVE-2017-18190
2018-02-16 17:29:00
nvd
nvd
CVE-2017-18190
2018-02-16 17:29:00
amazon
amazon
Medium: cups
2020-10-22 17:24:00
redhat
redhat
(RHSA-2020:3864) Moderate: cups security and bug fix update
2020-09-29 07:38:43
(RHSA-2020:4264) Low: OpenShift Container Platform 4.3.40 security and bug fix update
2020-10-20 21:25:42
oraclelinux
oraclelinux
cups security and bug fix update
2020-10-06 00:00:00
centos
centos
cups security update
2020-10-20 17:51:56

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.003

Percentile

70.6%

JSON
Related for UB:CVE-2017-18190
openvas10nessus20osv3debian2redhatcve1prion1mageia1cvelist1f51cve1ubuntu1veracode1suse2alpinelinux1debiancve1nvd1amazon1redhat2oraclelinux1centos1