Re: Denial of Service vulnerability in several Lexmark HTTP servers

To: pkr@xxxxxxx
Subject: Re: Denial of Service vulnerability in several Lexmark HTTP servers
From: Eric Sesterhenn / snakebyte <snakebyte@xxxxxx>
Date: Wed, 21 Jul 2004 02:25:46 +0200
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <BAEFKJBBCIPAKCGNHICFGELGDDAA.pkr@xxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <BAEFKJBBCIPAKCGNHICFGELGDDAA.pkr@xxxxxxx>

On Tue, 2004-07-20 at 22:46, Peter Kruse wrote:
> Denial of Service vulnerability in several Lexmark HTTP servers.
> 
> Several Lexmark network printers is shipped with a build-in HTTP server for
> administrative tasks. The webserver software is vulnerable to a Denial of
> Service attack that will force the webserver to restart and/or stop taking
> requests.

This issue is known for quite some time now. Two months ago I released a
PoC on my page.

 Greetings Eric

-- 
 www.cobra-basket.de -- just my stuff

References:
- Denial of Service vulnerability in several Lexmark HTTP servers
  - From: Peter Kruse

Prev by Date: Denial of Service in Conceptronic CADSLR1 Router
Next by Date: [SECURITY] [DSA 531-1] New php4 packages fix multiple vulnerabilities
Previous by thread: Denial of Service vulnerability in several Lexmark HTTP servers
Next by thread: OpenServer 5.0.6 OpenServer 5.0.7 : MMDF Various buffer overflows and other security issues
Index(es):
- Date
- Thread