CVE-2010-0101

The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service (operating system halt) via a malformed HTTP Authorization header.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://support.lexmark.com/index?page=content&id=TE87&locale=EN&userlocale=EN_US	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:lexmark:x86x::::::::
	cpe:2.3:h:lexmark:x85x::::::::
	cpe:2.3:h:lexmark:x782e::::::::
	cpe:2.3:h:lexmark:x772e::::::::
	cpe:2.3:h:lexmark:x73x::::::::
	cpe:2.3:h:lexmark:w840::::::::
	cpe:2.3:h:lexmark:w850::::::::
	cpe:2.3:h:lexmark:t656::::::::
	cpe:2.3:h:lexmark:t650::::::::
	cpe:2.3:h:lexmark:e360d::::::::
	cpe:2.3:h:lexmark:c935dn::::::::
	cpe:2.3:h:lexmark:x642::::::::
	cpe:2.3:h:lexmark:e33x::::::::
	cpe:2.3:h:lexmark:c52x::::::::
	cpe:2.3:h:lexmark:c543::::::::
	cpe:2.3:h:lexmark:e462::::::::
	cpe:2.3:h:lexmark:n70xxe::::::::
	cpe:2.3:h:lexmark:x543::::::::
	cpe:2.3:h:lexmark:c544::::::::
	cpe:2.3:h:lexmark:c53x::::::::
	cpe:2.3:h:lexmark:x65x::::::::
	cpe:2.3:h:lexmark:x544::::::::
	cpe:2.3:h:lexmark:n4050e::::::::
	cpe:2.3:h:lexmark:c78x::::::::
	cpe:2.3:h:lexmark:e350::::::::
	cpe:2.3:h:lexmark:x646::::::::
	cpe:2.3:h:lexmark:c510::::::::
	cpe:2.3:h:lexmark:n8130::::::::
	cpe:2.3:h:lexmark:x36x::::::::
	cpe:2.3:h:lexmark:n8120::::::::
	cpe:2.3:h:lexmark:c920::::::::
	cpe:2.3:h:lexmark:e34x::::::::
	cpe:2.3:h:lexmark:x546::::::::
	cpe:2.3:h:lexmark:e450::::::::
	cpe:2.3:h:lexmark:x422::::::::
	cpe:2.3:h:lexmark:e23x::::::::
	cpe:2.3:h:lexmark:e238::::::::
	cpe:2.3:h:lexmark:x64xef::::::::
	cpe:2.3:h:lexmark:e260::::::::
	cpe:2.3:h:lexmark:e250::::::::
	cpe:2.3:h:lexmark:x34x::::::::
	cpe:2.3:h:lexmark:c77x::::::::
	cpe:2.3:h:lexmark:n4000::::::::
	cpe:2.3:h:lexmark:x20x::::::::
	cpe:2.3:h:lexmark:t654::::::::
	cpe:2.3:h:lexmark:c73x::::::::
	cpe:2.3:h:lexmark:x94x::::::::
	cpe:2.3:h:lexmark:x26x::::::::
	cpe:2.3:h:lexmark:e460::::::::
	cpe:2.3:h:lexmark:t64x::::::::
	cpe:2.3:h:lexmark:x644::::::::
	cpe:2.3:h:lexmark:e360dn::::::::
	cpe:2.3:h:lexmark:c540::::::::
	cpe:2.3:h:lexmark:e240::::::::
	cpe:2.3:h:lexmark:t652::::::::
	cpe:2.3:h:lexmark:t430::::::::
	cpe:2.3:h:lexmark:x46x::::::::
	cpe:2.3:h:lexmark:c546::::::::
	cpe:2.3:h:lexmark:e240n::::::::
	cpe:2.3:h:lexmark:25xxn::::::::
	cpe:2.3:h:lexmark:e120::::::::

Information

Published : 2010-05-04 09:00

Updated : 2010-05-06 21:00

NVD link : CVE-2010-0101

Mitre link : CVE-2010-0101

JSON object : View

CWE

CWE-20

Improper Input Validation

Products Affected

lexmark

e23x
x34x
n8120
c73x
x782e
c920
x26x
t652
25xxn
x644
e250
n4050e
e240
x73x
e450
w840
x65x
x94x
c510
e34x
x646
n4000
t656
t430
c546
e238
c935dn
e120
x546
x64xef
t650
c53x
n70xxe
c543
e360dn
e360d
x544
t654
x36x
c52x
w850
e240n
n8130
x20x
x772e
x86x
c78x
x85x
e350
e260
c77x
c540
c544
x642
x422
x46x
t64x
e462
e460
e33x
x543

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://support.lexmark.com/index?page=content&id=TE87&locale=EN&userlocale=EN_US", "name": "http://support.lexmark.com/index?page=content&id=TE87&locale=EN&userlocale=EN_US", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service (operating system halt) via a malformed HTTP Authorization header."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-0101", "ASSIGNER": "cert@cert.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "HIGH", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-05-04T16:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lexmark:x86x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x85x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x782e:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x772e:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x73x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:w840:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:w850:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:t656:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:t650:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e360d:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:c935dn:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x642:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e33x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:c52x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:c543:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e462:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:n70xxe:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x543:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:c544:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:c53x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x65x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x544:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:n4050e:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:c78x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e350:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x646:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:c510:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:n8130:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x36x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:n8120:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:c920:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e34x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x546:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e450:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x422:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e23x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e238:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x64xef:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e260:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e250:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x34x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:c77x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:n4000:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x20x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:t654:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:c73x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x94x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x26x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e460:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:t64x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x644:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e360dn:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:c540:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e240:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:t652:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:t430:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:x46x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:c546:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e240n:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:25xxn:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:lexmark:e120:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2010-05-07T04:00Z"}

7.8 /10