SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Printer)  >   Lexmark Printer Vendors:   Lexmark
Lexmark Printer Web Interface Can Be Crashed By Remote Users Sending Long HOST Header Values
SecurityTracker Alert ID:  1010743
SecurityTracker URL:  http://securitytracker.com/id/1010743
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jul 20 2004
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): Model T522; Others may also be affected
Description:   A denial of service vulnerability was reported in some Lexmark printers in the built-in administrative web interface. A remote user can cause the interface to restart or become unavailable.

Peter Kruse reported that a remote user can supply an HTTP request with a long HOST value in the HTTP header. A demonstration exploit request is provided:

GET / HTTP/1.0\r\n /Host:AAAAAA[1024]

The report indicates that several Dell network printers may use the same web administrative interface software and may therefore be vulnerable.

The vendor has reportedly been notified without response.

Impact:   A remote user can cause the web-based administrative interface to crash or restart.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.lexmark.com/ (Links to External Site)
Cause:   Boundary error, Exception handling error

Message History:   None.


 Source Message Contents

Subject:  Denial of Service vulnerability in several Lexmark HTTP servers


Denial of Service vulnerability in several Lexmark HTTP servers.

Several Lexmark network printers is shipped with a build-in HTTP server for
administrative tasks. The webserver software is vulnerable to a Denial of
Service attack that will force the webserver to restart and/or stop taking
requests.

The vulnerability has been discovered during a security audit and was
positively identified in model T522 (others models are affected by this
issue as well). As far as we know many Dell network printers also uses this
webserver software and are therefore likely to be vulnerable.

The Server does not handle long HOST arguments in the HTTP Header correctly
and therefore causes the server to crash.

We recommend that Lexmark ASAP updates their firmware in order to fix this
issue. However, we have not been able to get in contact with Lexmark. They
have choosen not to reply on our e-mails.

This issue can be reproduced by sending a large buffer (1024 characters) in
the HTTP host request, eg. GET / HTTP/1.0\r\n /Host:AAAAAA[1024].

Kind regards
Peter Kruse
http://www.csis.dk

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, SecurityGlobal.net LLC