[STR Closed w/o Resolution] Yes, from the original CERT issue, CUPS is vulnerable to DNS rebinding attacks on the loopback interface out-of-the-box. Link: http://www.cups.org/str.php?L3183 Version: 1.3.10 Fix Version: Will Not Fix