CVE-2017-18190

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-18190
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-18190.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-18190
Downstream
Related
Published
2018-02-16T17:29:00.217Z
Modified
2026-03-20T11:18:42.374731Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1).

References

Affected packages

Git / github.com/apple/cups

Affected ranges

Type
GIT
Repo
https://github.com/apple/cups
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
0f2f21af96909ef93924940f59d608676cb0bc91
Fixed
afa80cb2b457bf8d64f775bed307588610476c41
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.2.2"
        }
    ]
}

Affected versions

v2.*
v2.2b1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-18190.json"
vanir_signatures 
[
    {
        "source": "https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41",
        "deprecated": false,
        "id": "CVE-2017-18190-1743f3f3",
        "digest": {
            "line_hashes": [
                "302658024072875243033420850438614531105",
                "130160219874356529203486071918946739631",
                "142938483384107584627827293240756089848",
                "84374574546196658409403027367894262207",
                "83071393015830832112070740309847556480",
                "50811428831373237049626290172088440588"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "scheduler/client.c"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41",
        "deprecated": false,
        "id": "CVE-2017-18190-857bba39",
        "digest": {
            "length": 2468.0,
            "function_hash": "179072345992092918136522306449204847340"
        },
        "target": {
            "file": "scheduler/client.c",
            "function": "valid_host"
        },
        "signature_type": "Function",
        "signature_version": "v1"
    }
]
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "14.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "16.04"
            }
        ]
    }
]