ASB-2010.0116 - [Printer] Lexmark Printers and MarkNet devices: Denial of service - Remote/unauthenticated

Date: 05 May 2010

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2010.0116
  Denial of service vulnerability in Lexmark Printers and MarkNet devices
                                5 May 2010

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Lexmark Printers and MarkNet devices
Operating System:     Printer
Impact/Access:        Denial of Service -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2010-0101  
Member content until: Friday, June  4 2010

OVERVIEW

        Lexmark have corrected a denial of service vulnerability affecting their
        printers and MarkNet devices.


IMPACT

        The vendor has provided the following information regarding this
        vulnerability:
        
        "Invalid characters in the HTTP header Authorization field will cause
        the embedded HTTP server to crash which halts the operating system.
        This affects all TCP services on the printer (ports 80, 443, 8000 &
        631) that use the HTTP protocol. 
        
        Successful exploitation of this vulnerability can lead to a denial of
        service on the affected printer by causing it to crash." [1]


MITIGATION

        Updated firmware or printer base code has been created to address
        this vulnerability. Lexmark advises that customers contact
        them to receive the updates. [2]
        
        Note that not all Lexmark printers and MarkNet devices have been
        provided with updated firmware. The Lexmark advisory has a table of
        devices and their patch status along with workaround instructions for
        unpatched devices. [1]
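
An added example (not part of the AusCERT bulletin or Lexmark's advisory): a well-formedness check for the Authorization field that a filtering proxy or IDS in front of printers without updated firmware could apply. The bulletin does not say which characters are invalid, so treating the RFC 7235 credentials grammar as the definition of "valid" is an assumption, as are the function names and the constructed sample request.

```python
import re

# TCP ports the bulletin lists for the printers' HTTP-based services.
PRINTER_HTTP_PORTS = {80, 443, 8000, 631}

# Assumption: "valid" means the RFC 7235 credentials grammar (the bulletin gives no definition).
TOKEN = rb"[!#$%&'*+\-.^_`|~0-9A-Za-z]+"
TOKEN68 = rb"[A-Za-z0-9\-._~+/]+=*"
QUOTED = rb'"(?:[^"\\\x00-\x1f\x7f]|\\[\x20-\x7e])*"'
PARAM = TOKEN + rb"[ \t]*=[ \t]*(?:" + TOKEN + rb"|" + QUOTED + rb")"
# credentials = auth-scheme [ 1*SP ( token68 / #auth-param ) ]
CREDENTIALS = re.compile(
    rb"(?:" + TOKEN + rb")(?: +(?:" + TOKEN68 + rb"|" + PARAM
    + rb"(?:[ \t]*,[ \t]*" + PARAM + rb")*))?"
)

def authorization_problems(value: bytes) -> list:
    """Return the reasons an Authorization field value is malformed (empty if none)."""
    problems = []
    if any((b < 0x20 and b != 0x09) or b == 0x7F for b in value):
        problems.append("control character")
    if any(b > 0x7E for b in value):
        problems.append("non-ASCII byte")
    if not CREDENTIALS.fullmatch(value.strip(b" \t")):
        problems.append("does not match RFC 7235 credentials grammar")
    return problems

def inspect_request(raw: bytes, dst_port: int) -> list:
    """Check every Authorization header in the head of one raw HTTP request."""
    if dst_port not in PRINTER_HTTP_PORTS:
        return []  # not one of the services named in the bulletin
    head = raw.split(b"\r\n\r\n", 1)[0]
    findings = []
    for line in head.split(b"\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"authorization":
            findings.extend(authorization_problems(value))
    return findings

if __name__ == "__main__":
    # Constructed sample; not known to be the input that affects the devices.
    sample = (b"GET / HTTP/1.1\r\nHost: printer.example\r\n"
              b"Authorization: Basic dXNl\x00cjpw\r\n\r\n")
    print(inspect_request(sample, 631))
```

For port 443 the check only sees the header if TLS is terminated at the inspecting proxy.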


REFERENCES

        [1] HTTP Denial of Service Vulnerability
            http://support.lexmark.com/index?page=content&id=TE87&locale=EN&userlocale=EN_US

        [2] Lexmark - Contact Us
            http://www1.lexmark.com/products/home/contactus.jsp

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iD8DBQFL4O7E/iFOrG6YcBERAvHAAJ4pC2a0r6mgn+hkbF+f9PChTsD3tQCfZWpm
2OxR1hNXAOtEYsdJ49HATqI=
=vKAR
-----END PGP SIGNATURE-----