Ubuntu Security Notice USN-3577-1
20th February, 2018
cups vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
CUPS could be made to provide access to printers over the network.
Software description
Jann Horn discovered that CUPS permitted HTTP requests with the Host
header set to "localhost.localdomain" from the loopback interface. If a
user were tricked in to opening a specially crafted website in their web
browser, an attacker could potentially exploit this to obtain sensitive
information or control printers, via a DNS rebinding attack.
(CVE-2017-18190)
Update instructions
The problem can be corrected by updating your system to the following package version:
Ubuntu 16.04 LTS:
cups 2.1.3-4ubuntu0.4
Ubuntu 14.04 LTS:
cups 1.7.2-0ubuntu1.9
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
References
CVE-2017-18190
Continue reading...
20th February, 2018
cups vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
CUPS could be made to provide access to printers over the network.
Software description
- cups - Common UNIX Printing System(tm)
Jann Horn discovered that CUPS permitted HTTP requests with the Host
header set to "localhost.localdomain" from the loopback interface. If a
user were tricked in to opening a specially crafted website in their web
browser, an attacker could potentially exploit this to obtain sensitive
information or control printers, via a DNS rebinding attack.
(CVE-2017-18190)
Update instructions
The problem can be corrected by updating your system to the following package version:
Ubuntu 16.04 LTS:
cups 2.1.3-4ubuntu0.4
Ubuntu 14.04 LTS:
cups 1.7.2-0ubuntu1.9
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
References
CVE-2017-18190
Continue reading...
