SecurityTracker.com

SecurityTracker
Archives


Category:  Device (Printer)  >  IC9-ETHERPRINT
Vendors:  SEH
SEH IC-9 Pocket Print Server Can Be Crashed By Remote Users Sending a Large Password to the Web Interface
SecurityTracker Alert ID:  1004857
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  Jul 27 2002
Impact:  Denial of service via network
Exploit Included:  Yes  
Version(s): SEH IC9 (Firmware 7.1.30 and 7.1.36f)
Description:  A denial of service vulnerability was reported in SEH's IC9 Pocket Print Server. A remote user can cause the device to reboot.

It is reported that a remote user can submit a large administrative password (300 characters or more) through the device's web interface to cause the device to reboot. This will apparently cause the attached printer to reset as well.

The vendor reportedly has been notified and has denied the problem exists.

Impact:  A remote user can cause the device to reboot.
Solution:  No solution was available at the time of this entry.
Vendor URL:  www.seh.de/english/products/ps1/ic9/ic9txt.htm
Cause:  Boundary error, Exception handling error
Reported By:  kim0 <kim0@phenoelit.de>
Message History:   None.
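
The boundary error recorded above is the class of bug where a web handler accepts a form value longer than the storage behind it. As an added illustration (not SEH firmware code and not part of the Phenoelit advisory), the C sketch below extracts a password field from a form body with an explicit length limit and rejects oversized input instead of copying it; the field name, `PW_MAX` and all function names are assumptions made for the example.

```c
#include <stddef.h>
#include <string.h>
#define PW_MAX 32 /* assumed limit; the firmware's real limit is not stated */
enum pw_status { PW_OK, PW_MISSING, PW_TOO_LONG, PW_BAD_ENCODING };
static int hexval(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Copy the URL-decoded value of form field `name` into out[out_size].
 * An oversized value is rejected outright, never truncated or overrun. */
enum pw_status get_form_field(const char *body, const char *name,
                              char *out, size_t out_size) {
    size_t nlen = strlen(name), n = 0;
    const char *p = body;
    if (out_size == 0) return PW_TOO_LONG;
    out[0] = '\0';
    /* Locate "name=" at the start of the body or directly after '&'. */
    while (p && !(strncmp(p, name, nlen) == 0 && p[nlen] == '=')) {
        p = strchr(p, '&');
        if (p) p++;
    }
    if (!p) return PW_MISSING;
    for (p += nlen + 1; *p && *p != '&'; p++) {
        int ch = (unsigned char)*p;
        if (ch == '+') ch = ' ';
        else if (ch == '%') {
            int hi = hexval(p[1]), lo = hi < 0 ? -1 : hexval(p[2]);
            if (lo < 0 || hi * 16 + lo == 0) { out[0] = '\0'; return PW_BAD_ENCODING; }
            ch = hi * 16 + lo;
            p += 2;
        }
        if (n + 1 >= out_size) { out[0] = '\0'; return PW_TOO_LONG; }
        out[n++] = (char)ch;
    }
    out[n] = '\0';
    return PW_OK;
}

/* Constructed request: "user=admin&password=" followed by len 'A' characters. */
enum pw_status submit_password_of_length(size_t len) {
    char body[512] = "user=admin&password=", pw[PW_MAX + 1];
    size_t off = strlen(body);
    if (len >= sizeof body - off) return PW_TOO_LONG;
    memset(body + off, 'A', len);   /* rest of body is already zeroed */
    return get_form_field(body, "password", pw, sizeof pw);
}
```

A handler built this way answers the 300-character submission with an error status rather than passing it on to fixed-size storage.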


 Source Message Contents

Date:  Sat, 27 Jul 2002 12:05:11 +0200
From:  kim0 <kim0@phenoelit.de>
Subject:  0815 ++ */ SEH_Web

 



-- 
            kim0   <kim0@phenoelit.de>
        Phenoelit (http://www.phenoelit.de)
90C0 969C EC71 01DC 36A0  FBEF 2D72 33C0 77FC CD42


Phenoelit Advisory <wir-haben-auch-mal-was-gefunden #0815 +--+>

[ Authors ]
	FX		<fx@phenoelit.de>
	kim0 		<kim0@phenoelit.de>	

	Phenoelit Group	(http://www.phenoelit.de)
	Advisory	http://www.phenoelit.de/stuff/SEH_Web.txt

[ Affected Products ]
	SEH GmbH
			IC9 Pocket Print Server

	Tested on
                        SEH IC9 (Firmware 7.1.30 and 7.1.36f)

	SEH Bug ID:	Not assigned

[ Vendor communication ]
        06/29/02        Initial Notification, support@seh.de
                        *Note-Initial notification includes
                        a cc to cert@cert.org
        06/29/02        Auto-Responder reply from SEH
        07/01/02        Human ack. from SEH, denial that problem exists
                        along with new firmware version
        07/01/01        Despite the fact that phenoelit is not a software
                        test-lab, we confirmed that problem exists in new
                        firmware as well and passed info to vendor
        07/19/02        Notification of intent to post publicly
                        in approx. 7 days.

[ Overview ]
	The IC9 Pocket Print Server is a small pocket sized network 
	interface for printers. 
 
[ Description ]
	By sending an oversized administrative password using the 
	web-interface, an attacker can cause the print server device to reboot 
	itself (and reset the printer attached).

[ Example ]
	Enter a password for the administrator that is 300 characters or more 
	and <click> the button.

[ Solution ]
	None known at this time. 


[ end of file ]




 



Copyright 2002, SecurityGlobal.net LLC