Vulnerabilities > CVE-2018-4182 - Unspecified vulnerability in Apple mac OS X

CVSS 8.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

apple

nessus

NVD

Published: 2019-01-11

Updated: 2024-11-21

Summary

In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.

Vulnerable Configurations

Part	Description	Count
OS	Apple Apple MAC OS X - Apple MAC OS X 10.0 Apple MAC OS X 10.0.0 Apple MAC OS X 10.0.1 Apple MAC OS X 10.0.2 Apple MAC OS X 10.0.3 Apple MAC OS X 10.0.4 Apple MAC OS X 10.1 Apple MAC OS X 10.1.0 Apple MAC OS X 10.1.1 Apple MAC OS X 10.1.2 Apple MAC OS X 10.1.3 Apple MAC OS X 10.1.4 Apple MAC OS X 10.1.5 Apple MAC OS X 10.2 Apple MAC OS X 10.2.0 Apple MAC OS X 10.2.1 Apple MAC OS X 10.2.2 Apple MAC OS X 10.2.3 Apple MAC OS X 10.2.4 Apple MAC OS X 10.2.5 Apple MAC OS X 10.2.6 Apple MAC OS X 10.2.7 Apple MAC OS X 10.2.8 Apple MAC OS X 10.3 Apple MAC OS X 10.3.0 Apple MAC OS X 10.3.1 Apple MAC OS X 10.3.2 Apple MAC OS X 10.3.3 Apple MAC OS X 10.3.4 Apple MAC OS X 10.3.5 Apple MAC OS X 10.3.6 Apple MAC OS X 10.3.7 Apple MAC OS X 10.3.8 Apple MAC OS X 10.3.9 Apple MAC OS X 10.4 Apple MAC OS X 10.4.0 Apple MAC OS X 10.4.1 Apple MAC OS X 10.4.2 Apple MAC OS X 10.4.3 Apple MAC OS X 10.4.4 Apple MAC OS X 10.4.5 Apple MAC OS X 10.4.6 Apple MAC OS X 10.4.7 Apple MAC OS X 10.4.8 Apple MAC OS X 10.4.9 Apple MAC OS X 10.4.10 Apple MAC OS X 10.4.11 Apple MAC OS X 10.5 Apple MAC OS X 10.5.0 Apple MAC OS X 10.5.1 Apple MAC OS X 10.5.2 Apple MAC OS X 10.5.3 Apple MAC OS X 10.5.4 Apple MAC OS X 10.5.5 Apple MAC OS X 10.5.6 Apple MAC OS X 10.5.7 Apple MAC OS X 10.5.8 Apple MAC OS X 10.6.0 Apple MAC OS X 10.6.1 Apple MAC OS X 10.6.2 Apple MAC OS X 10.6.3 Apple MAC OS X 10.6.4 Apple MAC OS X 10.6.5 Apple MAC OS X 10.6.6 Apple MAC OS X 10.6.7 Apple MAC OS X 10.6.8 Apple MAC OS X 10.7.0 Apple MAC OS X 10.7.1 Apple MAC OS X 10.7.2 Apple MAC OS X 10.7.3 Apple MAC OS X 10.7.4 Apple MAC OS X 10.7.5 Apple MAC OS X 10.8.0 Apple MAC OS X 10.8.1 Apple MAC OS X 10.8.2 Apple MAC OS X 10.8.3 Apple MAC OS X 10.8.4 Apple MAC OS X 10.8.5 Apple MAC OS X 10.9 Apple MAC OS X 10.9.1 Apple MAC OS X 10.9.2 Apple MAC OS X 10.9.3 Apple MAC OS X 10.9.4 Apple MAC OS X 10.9.5 Apple MAC OS X 10.10.0 Apple MAC OS X 10.10.1 Apple MAC OS X 10.10.2 Apple MAC OS X 10.10.3 Apple MAC OS X 10.10.4 Apple MAC OS X 10.10.5 Apple MAC OS X 10.11.0 Apple MAC OS X 10.11.1 Apple MAC OS X 10.11.2 Apple MAC OS X 10.11.3 Apple MAC OS X 10.11.4 Apple MAC OS X 10.11.5 Apple MAC OS X 10.11.6 Apple MAC OS X 10.12 Apple MAC OS X 10.12.0 Apple MAC OS X 10.12.1 Apple MAC OS X 10.12.2 Apple MAC OS X 10.12.3 Apple MAC OS X 10.12.4 Apple MAC OS X 10.12.5 Apple MAC OS X 10.12.6 Apple MAC OS X 10.13 Apple MAC OS X 10.13.0 Apple MAC OS X 10.13.1 Apple MAC OS X 10.13.2 Apple MAC OS X 10.13.3 Apple MAC OS X 10.13.4	136

Nessus

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-583.NASL
description	This update for cups fixes the following issues : The following security vulnerabilities were fixed : - Fixed a local privilege escalation to root and sandbox bypasses in the scheduler - CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend (bsc#1096405) - CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406) - CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling (bsc#1096407) - CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration (bsc#1096408) This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	123253
published	2019-03-27
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/123253
title	openSUSE Security Update : cups (openSUSE-2019-583)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-583. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(123253); script_version("1.2"); script_cvs_date("Date: 2020/01/30"); script_cve_id("CVE-2018-4180", "CVE-2018-4181", "CVE-2018-4182", "CVE-2018-4183"); script_name(english:"openSUSE Security Update : cups (openSUSE-2019-583)"); script_summary(english:"Check for the openSUSE-2019-583 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for cups fixes the following issues : The following security vulnerabilities were fixed : - Fixed a local privilege escalation to root and sandbox bypasses in the scheduler - CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend (bsc#1096405) - CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406) - CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling (bsc#1096407) - CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration (bsc#1096408) This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1096405" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1096406" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1096407" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1096408" ); script_set_attribute(attribute:"solution", value:"Update the affected cups packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cups"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cups-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cups-client-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cups-config"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cups-ddk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cups-ddk-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cups-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cups-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cups-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cups-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcups2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcups2-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcups2-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcups2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupscgi1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupscgi1-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupscgi1-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupscgi1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupsimage2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupsimage2-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupsimage2-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupsimage2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupsmime1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupsmime1-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupsmime1-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupsmime1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupsppdc1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupsppdc1-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupsppdc1-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcupsppdc1-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/11"); script_set_attribute(attribute:"patch_publication_date", value:"2019/03/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/27"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"cups-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"cups-client-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"cups-client-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"cups-config-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"cups-ddk-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"cups-ddk-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"cups-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"cups-debugsource-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"cups-devel-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcups2-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcups2-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcupscgi1-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcupscgi1-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcupsimage2-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcupsimage2-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcupsmime1-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcupsmime1-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcupsppdc1-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcupsppdc1-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"cups-devel-32bit-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libcups2-32bit-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libcups2-32bit-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libcupscgi1-32bit-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libcupscgi1-32bit-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libcupsimage2-32bit-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libcupsimage2-32bit-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libcupsmime1-32bit-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libcupsmime1-32bit-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libcupsppdc1-32bit-2.2.7-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libcupsppdc1-32bit-debuginfo-2.2.7-lp150.2.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cups / cups-client / cups-client-debuginfo / cups-config / cups-ddk / etc"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2018-2233-1.NASL
description	This update for cups fixes the following issues: Security issues fixed : - CVE-2018-4180: Fix local privilege escalation to root in dnssd backend (bsc#1096405). - CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406). - CVE-2018-4182: Fix cups-exec sandbox bypass due to insecure error handling (bsc#1096407). - CVE-2018-4183: Fix cups-exec sandbox bypass due to profile misconfiguration (bsc#1096408). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	111592
published	2018-08-08
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/111592
title	SUSE SLES11 Security Update : cups (SUSE-SU-2018:2233-1)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2018-2162-1.NASL
description	This update for cups fixes the following issues: The following security vulnerabilities were fixed : - CVE-2017-18248: Handle invalid characters properly in printing jobs. This fixes a problem that was causing the DBUS library to abort the calling process. (bsc#1061066 bsc#1087018) - Fixed a local privilege escalation to root and sandbox bypasses in the scheduler - CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend (bsc#1096405) - CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406) - CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling (bsc#1096407) - CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration (bsc#1096408) The following other issue was fixed : - Fixed authorization check for clients (like samba) connected through the local socket when Kerberos authentication is enabled (bsc#1050082) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	111508
published	2018-08-02
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/111508
title	SUSE SLED12 / SLES12 Security Update : cups (SUSE-SU-2018:2162-1)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2018-852.NASL
description	This update for cups fixes the following issues : The following security vulnerabilities were fixed : - Fixed a local privilege escalation to root and sandbox bypasses in the scheduler - CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend (bsc#1096405) - CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406) - CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling (bsc#1096407) - CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration (bsc#1096408) This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-05
modified	2018-08-10
plugin id	111633
published	2018-08-10
reporter	This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/111633
title	openSUSE Security Update : cups (openSUSE-2018-852)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2018-822.NASL
description	This update for cups fixes the following issues : The following security vulnerabilities were fixed : - CVE-2017-18248: Handle invalid characters properly in printing jobs. This fixes a problem that was causing the DBUS library to abort the calling process. (bsc#1061066 bsc#1087018) - Fixed a local privilege escalation to root and sandbox bypasses in the scheduler - CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend (bsc#1096405) - CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406) - CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling (bsc#1096407) - CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration (bsc#1096408) The following other issue was fixed : - Fixed authorization check for clients (like samba) connected through the local socket when Kerberos authentication is enabled (bsc#1050082) This update was imported from the SUSE:SLE-12:Update update project.
last seen	2020-06-05
modified	2018-08-08
plugin id	111587
published	2018-08-08
reporter	This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/111587
title	openSUSE Security Update : cups (openSUSE-2018-822)

NASL family	MacOS X Local Security Checks
NASL id	MACOS_10_13_5.NASL
description	The remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.5. It is, therefore, affected by multiple vulnerabilities. Note that successful exploitation of the most serious issues can result in arbitrary code execution.
last seen	2020-06-01
modified	2020-06-02
plugin id	110324
published	2018-06-05
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/110324
title	macOS 10.13.x < 10.13.5 Multiple Vulnerabilities

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201908-08.NASL
description	The remote host is affected by the vulnerability described in GLSA-201908-08 (CUPS: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in CUPS. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	127957
published	2019-08-20
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127957
title	GLSA-201908-08 : CUPS: Multiple vulnerabilities

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2018-2172-1.NASL
description	This update for cups fixes the following issues: The following security vulnerabilities were fixed : - Fixed a local privilege escalation to root and sandbox bypasses in the scheduler - CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend (bsc#1096405) - CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406) - CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling (bsc#1096407) - CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration (bsc#1096408) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-21
modified	2019-01-02
plugin id	120070
published	2019-01-02
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/120070
title	SUSE SLED15 / SLES15 Security Update : cups (SUSE-SU-2018:2172-1)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2018-BDC5BFAEDC.NASL
description	Security fix for CVE-2018-4180 CVE-2018-4181 CVE-2018-4182 CVE-2018-4183 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2019-01-03
plugin id	120749
published	2019-01-03
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/120749
title	Fedora 28 : 1:cups (2018-bdc5bfaedc)

Summary

Vulnerable Configurations

Nessus

References