Localhost Domain Whitelist Vulnerability in CUPS Software by Apple
CVE-2017-18190

7.5HIGH

Key Information:

Vendor
Apple
Status
Cups
Vendor
CVE Published:
16 February 2018

Summary

A vulnerability exists in CUPS where the localhost.localdomain entry in the valid_host() function before version 2.2.2 allows attackers to execute arbitrary Internet Printing Protocol (IPP) commands. This can be exploited via crafted POST requests sent to the CUPS daemon, particularly when combined with DNS rebinding attacks. Since localhost.localdomain may resolve through a DNS server rather than being confined to 127.0.0.1, unauthorized remote access becomes feasible, posing security risks to systems running vulnerable versions of CUPS.

References

https://usn.ubuntu.com/3577-1/
vendor-advisoryx_refsource_UBUNTU
https://lists.debian.org/debian-lts-announce/2018/07/msg0...
mailing-listx_refsource_MLIST
https://github.com/apple/cups/commit/afa80cb2b457bf8d64f7...
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.