Denial of Service vulnerability in several Lexmark HTTP servers
Denial of Service vulnerability in several Lexmark HTTP servers.
Several Lexmark network printers is shipped with a build-in HTTP server for
administrative tasks. The webserver software is vulnerable to a Denial of
Service attack that will force the webserver to restart and/or stop taking
requests.
The vulnerability has been discovered during a security audit and was
positively identified in model T522 (others models are affected by this
issue as well). As far as we know many Dell network printers also uses this
webserver software and are therefore likely to be vulnerable.
The Server does not handle long HOST arguments in the HTTP Header correctly
and therefore causes the server to crash.
We recommend that Lexmark ASAP updates their firmware in order to fix this
issue. However, we have not been able to get in contact with Lexmark. They
have choosen not to reply on our e-mails.
This issue can be reproduced by sending a large buffer (1024 characters) in
the HTTP host request, eg. GET / HTTP/1.0\r\n /Host:AAAAAA[1024].
Kind regards
Peter Kruse
http://www.csis.dk