CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
EPSS
Percentile
48.9%
The version of the remote Lexmark printer is potentially affected by a cross-site scripting vulnerability. An input validation error exists related to the ‘General Settings’ configuration page and the ‘Location’ and ‘Contact Name’ parameters that could allow persistent cross-site scripting attacks.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(72772);
script_version("1.5");
script_cvs_date("Date: 2019/11/26");
script_cve_id("CVE-2013-6033");
script_bugtraq_id(65277);
script_xref(name:"CERT", value:"108062");
script_name(english:"Lexmark Printer Configuration Persistent XSS");
script_summary(english:"Checks version of Lexmark printer");
script_set_attribute(attribute:"synopsis", value:
"The remote printer is potentially affected by a cross-site scripting
vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of the remote Lexmark printer is potentially affected by a
cross-site scripting vulnerability. An input validation error exists
related to the 'General Settings' configuration page and the 'Location'
and 'Contact Name' parameters that could allow persistent cross-site
scripting attacks.");
# http://support.lexmark.com/index?page=content&id=TE585&locale=EN&userlocale=EN_US
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9b932aa2");
script_set_attribute(attribute:"solution", value:
"Upgrade to the vendor's suggested Lexmark printer firmware version or
later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-6033");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);
script_set_attribute(attribute:"vuln_publication_date", value:"2014/01/31");
script_set_attribute(attribute:"patch_publication_date", value:"2014/01/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/03");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/h:lexmark:c52x");
script_set_attribute(attribute:"cpe", value:"cpe:/h:lexmark:c53x");
script_set_attribute(attribute:"cpe", value:"cpe:/h:lexmark:c920");
script_set_attribute(attribute:"cpe", value:"cpe:/h:lexmark:c935dn");
script_set_attribute(attribute:"cpe", value:"cpe:/h:lexmark:e250");
script_set_attribute(attribute:"cpe", value:"cpe:/h:lexmark:e350");
script_set_attribute(attribute:"cpe", value:"cpe:/h:lexmark:e450");
script_set_attribute(attribute:"cpe", value:"cpe:/h:lexmark:t64x");
script_set_attribute(attribute:"cpe", value:"cpe:/h:lexmark:w840");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("lexmark_printer_detect.nasl");
script_require_keys("www/lexmark_printer/model", "www/lexmark_printer/base_ver");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("webapp_func.inc");
report_model = get_kb_item_or_exit("www/lexmark_printer/model");
report_version = get_kb_item_or_exit("www/lexmark_printer/base_ver");
use_model = tolower(report_model - 'Lexmark ');
use_version = tolower(report_version);
if (report_version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_WEB_SERVER_VER, "the remote Lexmark printer ("+report_model+")", 0);
# tolower(model regex) , vuln regex
model_and_vuln_vers = make_array(
"^w840($|[^0-9])",
# LS.HA.P252 and earlier
"^ls\.ha\.p(00[0-9]|0[0-9][0-9]|1[0-9][0-9]|2([0-4][0-9]|5[0-2]))($|[^0-9])",
"^t64[0-9]($|[^0-9])",
# earlier than LS.ST.P344
"^ls\.st\.p(00[0-9]|0[0-9][0-9]|[12][0-9][0-9]|3([0-3][0-9]|4[0-3]))($|[^0-9])",
"^c935dn($|[^0-9])",
# LC.JO.P091 and earlier
"^lc\.jo\.p(00[0-9]|0[0-8][0-9]|090)($|[^0-9])",
"^c920($|[^0-9])",
# LS.TA.P152 and earlier
"^ls\.ta\.p(00[0-9]|0[0-9][0-9]|1[0-4][0-9]|15[01])($|[^0-9])",
"^c53[0-9]($|[^0-9])",
# LS.SW.P069 and earlier
"^ls\.sw\.p(00[0-9]|0[0-6][0-9])($|[^0-9])",
"^c52[0-9]($|[^0-9])",
# LS.FA.P150 and earlier
"^ls\.fa\.p(00[0-9]|0[0-9][0-9]|1[0-4][0-9]|150)($|[^0-9])",
"^e450($|[^0-9])",
# LM.SZ.P124 and earlier
"^lm\.sz\.p(00[0-9]|0[0-9][0-9]|1[01][0-9]|12[0-4])($|[^0-9])",
"^e350($|[^0-9])",
# LE.PH.P129 and earlier
"^le\.ph\.p(00[0-9]|0[0-9][0-9]|1[0-2][0-9])($|[^0-9])",
"^e250($|[^0-9])",
# LE.PM.P126 and earlier
"^le\.pm\.p(00[0-9]|0[0-9][0-9]|1[01][0-9]|12[0-6])($|[^0-9])"
);
# tolower(model regex) , fix
model_and_fix_vers = make_array(
"^w840($|[^0-9])" , "Contact vendor",
"^t64[0-9]($|[^0-9])", "LS.ST.P344",
"^c935dn($|[^0-9])" , "Contact vendor",
"^c920($|[^0-9])" , "Contact vendor",
"^c53[0-9]($|[^0-9])", "Contact vendor",
"^c52[0-9]($|[^0-9])", "Contact vendor",
"^e450($|[^0-9])" , "Contact vendor",
"^e350($|[^0-9])" , "Contact vendor",
"^e250($|[^0-9])" , "Contact vendor"
);
vuln_regex = NULL;
report_fix = FALSE;
# See if detected model is in the affected list
foreach model_regex (keys(model_and_vuln_vers))
{
if (use_model =~ model_regex)
{
vuln_regex = model_and_vuln_vers[model_regex];
# Do the vercheck
if (use_version =~ vuln_regex)
{
vuln = TRUE;
report_fix = model_and_fix_vers[model_regex];
}
break;
}
}
if (report_fix)
{
set_kb_item(name:'www/0/XSS', value:TRUE);
if (report_verbosity > 0)
{
report = '\n Model : ' + report_model +
'\n Installed version : ' + report_version +
'\n Fixed version : ' + report_fix +
'\n';
security_note(port:0, extra:report);
}
else security_note(0);
exit(0);
}
else audit(AUDIT_INST_VER_NOT_VULN, "The Lexmark printer ("+report_model+")", report_version);