CERT-FI Advisory on Lexmark printers
Target: embedded systems
Access Vector: remote - no user interaction required
Impact: denial of service
Remediation: fix provided by vendor, workaround
Details
Two vulnerabilities have been found in various versions of Lexmark network printers. The vulnerabilities in the web server component enable an attacker to crash the printer by sending malformed HTTP and SSL messages.
Vulnerability Coordination Information and Acknowledgements
CERT-FI have coordinated the release of this issue with the finder and the affected vendors. CERT-FI would like to thank Codenomicon Oy for reporting the vulnerability, and Lexmark for co-operation in the remediation efforts.
Vendor Information
Lexmark
- Please refer to Lexmark advisories for information about affected products and versions
Remediation
Patch the vulnerable software components according to the guidance published by the vendor. Where available, refer to the 'Vendor Information' section of this advisory for platform-specific remediation.
The vulnerabilities can be mitigated by disabling the printer's web service, or by filtering access to TCP ports 80, 443, 8000 and 631.
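The port-filtering workaround above, worked through as an added example (this is not part of the CERT-FI advisory and not Lexmark's or CERT-FI's code): a POSIX shell script for a Linux gateway in front of the printer segment that emits iptables FORWARD rules so only a management host can reach the four web-service ports named in the advisory, logging and dropping everything else. The printer subnet (192.0.2.0/24), the management host (198.51.100.10) and the gateway placement are constructed assumptions; the script prints the rules rather than applying them.

```shell
#!/bin/sh
# Added example, not from the advisory or the vendor. Generates iptables rules
# that restrict access to a printer segment's HTTP/SSL/IPP ports (80, 443,
# 8000, 631 per the advisory) to a single management host.
PRINTER_NET="${PRINTER_NET:-192.0.2.0/24}"   # constructed value (RFC 5737 range)
ADMIN_HOST="${ADMIN_HOST:-198.51.100.10}"    # constructed management host
WEB_PORTS="80 443 8000 631"                  # ports listed in the advisory

# Emit (do not apply) FORWARD rules for one printer network and one admin host.
# Per port: accept from the admin host, then log and drop all other sources.
printer_web_rules() {
    net="$1"; admin="$2"
    for p in $WEB_PORTS; do
        printf 'iptables -A FORWARD -p tcp -s %s -d %s --dport %s -j ACCEPT\n' \
            "$admin" "$net" "$p"
        # LOG before DROP gives a detection signal for blocked attempts
        printf 'iptables -A FORWARD -p tcp -d %s --dport %s -j LOG --log-prefix "PRINTER-WEB-BLOCK "\n' \
            "$net" "$p"
        printf 'iptables -A FORWARD -p tcp -d %s --dport %s -j DROP\n' \
            "$net" "$p"
    done
}

# Number of rule lines produced: three per port (accept, log, drop).
printer_web_rule_count() {
    printer_web_rules "$1" "$2" | wc -l | tr -d ' '
}

# Dry run: review the output, then pipe it to `sh` on the gateway to apply.
printer_web_rules "$PRINTER_NET" "$ADMIN_HOST"
```

Because `-A` appends, these rules only take effect if no earlier FORWARD rule already accepts traffic to the printer segment; place them ahead of any broad ACCEPT. The `PRINTER-WEB-BLOCK` log prefix lets the gateway's syslog show who is still trying to reach the printer's web interface after the filter is in place, which is the check a practitioner wants before relying on the workaround instead of the vendor fix.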
References
Contact Information
CERT-FI Vulnerability Coordination can be contacted as follows:
Email:
vulncoord@ficora.fi
Please quote the advisory reference [FICORA #219761] in the subject line
Telephone:
+358 9 6966 510
Monday - Friday 08:00 - 16:15 (EET: UTC+2)
Fax :
+358 9 6966 515
Post:
Vulnerability Coordination
FICORA/CERT-FI
P.O. Box 313
FI-00181 Helsinki
FINLAND
CERT-FI encourages those who wish to communicate via email to make use of our PGP key. The key is available at https://www.cert.fi/en/activities/contact/pgp-keys.html
The CERT-FI vulnerability coordination policy can be viewed at https://www.cert.fi/en/activities/Vulncoord/vulncoord-policy.html.
Revision History
29 Apr 2010 07:10 UTC: Released
Page updated 22.07.2010