Denial of Service vulnerability in several Lexmark HTTP servers. Several Lexmark network printers is shipped with a build-in HTTP server for administrative tasks. The webserver software is vulnerable to a Denial of Service attack that will force the webserver to restart and/or stop taking requests. The vulnerability has been discovered during a security audit and was positively identified in model T522 (others models are affected by this issue as well). As far as we know many Dell network printers also uses this webserver software and are therefore likely to be vulnerable. The Server does not handle long HOST arguments in the HTTP Header correctly and therefore causes the server to crash. We recommend that Lexmark ASAP updates their firmware in order to fix this issue. However, we have not been able to get in contact with Lexmark. They have choosen not to reply on our e-mails. This issue can be reproduced by sending a large buffer (1024 characters) in the HTTP host request, eg. GET / HTTP/1.0\r\n /Host:AAAAAA[1024]. Kind regards Peter Kruse http://www.csis.dk
