Published: 10/08/2018 Updated: 03/10/2019

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions before 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, before 2.2.4-7ubuntu3.1 in Ubuntu 17.10, before 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and before 1.7.2-0ubuntu1.10 in Ubuntu 14.04 LTS.

Vulnerable Product	Search on Vulmon	Subscribe to Product
debian debian linux 8.0
canonical ubuntu linux 16.04
canonical ubuntu linux 14.04
debian debian linux 9.0
canonical ubuntu linux 17.10
cups cups -
canonical ubuntu linux 18.04

Several security issues were fixed in CUPS ...

Debian Bug report logs - #903605 cups: CVE-2018-6553 Package: src:cups; Maintainer for src:cups is Debian Printing Team <debian-printing@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 11 Jul 2018 19:15:02 UTC Severity: serious Tags: patch, security Found in version cups/221-8 F ...

Several vulnerabilities were discovered in CUPS, the Common UNIX Printing System These issues have been identified with the following CVE ids: CVE-2017-15400 Rory McNamara discovered that an attacker is able to execute arbitrary commands (with the privilege of the CUPS daemon) by setting a malicious IPP server with a crafted PPD file ...

NVD-CWE-noinfo https://usn.ubuntu.com/usn/usn-3713-1 https://www.debian.org/security/2018/dsa-4243 https://lists.debian.org/debian-lts-announce/2018/07/msg00014.html https://security.gentoo.org/glsa/201908-08 https://nvd.nist.gov https://usn.ubuntu.com/3713-1/

CVE-2018-6553

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect