PublicDateAtUSN: 2018-02-16
Candidate: CVE-2017-18190
PublicDate: 2018-02-16 17:29:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18190
 https://bugs.chromium.org/p/project-zero/issues/detail?id=1048
 https://ubuntu.com/security/notices/USN-3577-1
Description:
 A localhost.localdomain whitelist entry in valid_host() in
 scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute
 arbitrary IPP commands by sending POST requests to the CUPS daemon in
 conjunction with DNS rebinding. The localhost.localdomain name is often
 resolved via a DNS server (neither the OS nor the web browser is
 responsible for ensuring that localhost.localdomain is 127.0.0.1).
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: chrisccoulson
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N [7.5 HIGH]


Patches_cups:
 upstream: https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41
upstream_cups: released (2.2.2)
precise/esm_cups: DNE
trusty_cups: released (1.7.2-0ubuntu1.9)
trusty/esm_cups: DNE (trusty was released [1.7.2-0ubuntu1.9])
xenial_cups: released (2.1.3-4ubuntu0.4)
esm-infra/xenial_cups: released (2.1.3-4ubuntu0.4)
artful_cups: not-affected (2.2.4-7ubuntu2)
devel_cups: not-affected (2.2.6-5)