Lexmark Multiple Laser printer FTP Remote Denial of Services

2010.03.26
Credit: Francis Provencher
Risk: Medium
Local: No
Remote: Yes
CVE: CVE-2010-0618
CWE: CWE-Other


CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

######################################################################## ############# Application: Lexmark Multiple Laser Printer FTP Remote Denial of Services Platforms: Lexmark Multiple Laser printer Exploitation: Remote Exploitable CVE Number: CVE-2010-0618 Discover Date: 2010-01-06 Author: Francis Provencher (Protek Research Lab's) Website: http://www.protekresearchlab.com ######################################################################## ############# 1) Introduction 2) Report Timeline 3) Technical details 4) Products affected 5) The Code ######################################################################## ############# ================= 1) Introduction ================= Lexmark specializes in printers and printer accessories. Its current range of products includes color and monochrome laser printers and inkjet printers, both of which may include scanners (including all-in-one devices with faxing and copying capabilities and photo printers), and dot matrix printers. Lexmark was one of the first companies to release wifi inkjet printers and the very first to release printers with a web-enabled touchscreen, coming in early September of 2009. They also offer a wide variety of laser printers with software solutions for more professional printing environments. (Wikipedia) ######################################################################## ############# ==================== 2) Report Timeline ==================== 2010-01-06 Vendor Contacted 2010-01-09 Vendor Response 2010-01-09 Vendor request a PoC 2010-01-10 PoC is sent to the vendor 2010-01-12 Vendor confirme they received PoC 2010-01-13 Vendor confirm the vulnerability 2010-03-22 Public release of this advisory ######################################################################## ############# ====================== 3) Technical details ====================== Lexmark products have connection flood protection mechanisms that limit the number of simultaneous network connections that can be made to the device on most TCP service ports. (21/FTP 79/Finger, 515/LPD, 631/IPP, 5001, 9100-9104, 9200, 9300, 9400, 9500-9501 & 9600) The FTP service exception handler does not properly maintain the state of the flood protection when passive FTP connections are aborted. Once a sufficient number of passive FTP connections have timed out (typically 15), the flood protection is enabled and is never reset. The flood protection can be reset by resetting the network adapter, or by power cycling the device. ######################################################################## ############# ===================== 4) Product affected ===================== The list is too long, you can found information on the Lexmark web site; http://support.lexmark.com/alerts ######################################################################## ############# ============= 5) The Code ============= No proof of concept code are required. ######################################################################## ############# (PRL-2010-02)

References:

http://www.securityfocus.com/bid/38906
http://www.securityfocus.com/archive/1/archive/1/510285/100/0/threaded
http://support.lexmark.com/index?page=content&id=TE85&locale=EN&userlocale=EN_US


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top