(Fix is Available) Re: IBM Infoprint Printer Can Be Crashed By Remote Users
SecurityTracker Alert ID: 1005520
SecurityTracker URL: http://securitytracker.com/id/1005520
CVE Reference: GENERIC-MAP-NOMATCH
Date: Nov 3 2002
Impact: Denial of service via network
Fix Available: Yes
Version(s): Model 21; Controller Code Level: 1.047012
Description:
A denial of service vulnerability was reported in IBM's Infoprint printers. A remote user can cause the printer to crash.
It is reported that a remote user can send "an excessive number of characters" to the printer's remote management telnet service to cause it to refuse to allow any further login sessions. Cycling the power to the device will reportedly restore login functionality.
According to the report, it may also be possible to crash the entire printer by sending a large amount of data (several kbytes) to the telnet port.
The vendor has reportedly been notified.
Impact:
A remote user can cause the printer or the printer's telnet management port to crash.
Solution:
It is reported that certain versions contain a fix for this flaw. The following version is reported to be not vulnerable:
IBM Infoprint 21 - Controller Code Level: 1.056007
Also, any newer Infoprint models are reported to be not vulnerable.
Vendor URL: www.printers.ibm.com/R5PSC.NSF/Web/wglaserselect
Cause:
Boundary error, Exception handling error
Underlying OS:
Message History:
This archive entry is a follow-up to the message listed below.
Source Message Contents
Date: Thu, 31 Oct 2002 12:16:17 +0200
Subject: RE: IBM Infoprint Remote Management Simple DoS (update)
UPDATE:
It appears this vulnerability has been rectified in later versions
of the printer controller software. As it stands, printers installed
with the controller software above a certain version are NOT
vulnerable, and it appears the latest Infoprint series printers are
indeed not vulnerable. Thanks to Fredrik Björk
<Fredrik.Bjork.List@varbergenergi.se> and Onyx Thanes <wewe@personal.ro>
for information relating to non-vulnerable versions:

Confirmed vulnerable:
  IBM Infoprint 21 - Controller Code Level: 1.047012

Confirmed NOT vulnerable:
  IBM Infoprint 21 - Controller Code Level: 1.056007
  Any newer Infoprint models

As to when IBM started releasing the printers with the non-vulnerable
software installed, well, you'd have to ask IBM for that.

> -----Original Message-----
> From: Toni Lassila
> Sent: Friday, October 25, 2002 12:19
> To: bugtraq@securityfocus.com
> Subject: IBM Infoprint Remote Management Simple DoS
>
>
> Overview
> ========
> IBM makes a series of TCP/IP enabled printers that come with remote
> management features:
>
> <http://www.printers.ibm.com/R5PSC.NSF/Web/wglaserselect>
>
> One of these features is a Telnet-based remote management
> service, which has a DoS vulnerability. The vulnerability
> discussed here was tested on an IBM Infoprint 21 (older
> model), but is probably present in other printers
> of the same product line.