Vulnerabilities > CVE-2010-0618 - Remote Denial of Service vulnerability in Multiple Lexmark Laser Printers FTP Service
Summary
The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser and inkjet printers and MarkNet devices allows remote attackers to cause a denial of service (TCP outage) by making many passive FTP connections and then aborting these connections. Per: http://support.lexmark.com/index?page=content&id=TE85&locale=EN&userlocale=EN_US#Printcryption 'Details Lexmark products have connection flood protection mechanisms that limit the number of simultaneous network connections that can be made to the device on most TCP service ports. (21/FTP 79/Finger, 515/LPD, 631/IPP, 5001, 9100-9104, 9200, 9300, 9400, 9500-9501 & 9600) The FTP service exception handler does not properly maintain the state of the flood protection when passive FTP connections are aborted. Once a sufficient number of passive FTP connections have timed out (typically 15), the flood protection is enabled and is never reset. The flood protection can be reset by resetting the network adapter, or by power cycling the device. The firmware update that resolves this vulnerability automatically resets the flood protection after the “Network Job Timeout” has expired or 90 seconds if the “Network Job Timeout” is disabled.'
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 1 |
References
- http://secunia.com/advisories/39056
- http://support.lexmark.com/index?page=content&id=TE85&locale=EN&userlocale=EN_US
- http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=11&Itemid=11
- http://www.securityfocus.com/archive/1/510285/100/0/threaded
- http://www.securityfocus.com/bid/38906