CVE-2010-0618

The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser and inkjet printers and MarkNet devices allows remote attackers to cause a denial of service (TCP outage) by making many passive FTP connections and then aborting these connections.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://support.lexmark.com/index?page=content&id=TE85&locale=EN&userlocale=EN_US	Vendor Advisory
http://www.securityfocus.com/bid/38906
http://secunia.com/advisories/39056
http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=11&Itemid=11
http://www.securityfocus.com/archive/1/510285/100/0/threaded

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:h:lexmark:z2420:*:*:*:*:*:*:*:*

Information

Published : 2010-03-24 15:45

Updated : 2018-10-10 12:53

NVD link : CVE-2010-0618

Mitre link : CVE-2010-0618

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

lexmark

z2420

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://support.lexmark.com/index?page=content&id=TE85&locale=EN&userlocale=EN_US", "name": "http://support.lexmark.com/index?page=content&id=TE85&locale=EN&userlocale=EN_US", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/38906", "name": "38906", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/39056", "name": "39056", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=11&Itemid=11", "name": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=11&Itemid=11", "tags": [], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/archive/1/510285/100/0/threaded", "name": "20100322 {PRL} Lexmark Multiple Laser printer FTP Remote Denial of Services", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser and inkjet printers and MarkNet devices allows remote attackers to cause a denial of service (TCP outage) by making many passive FTP connections and then aborting these connections."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-0618", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-03-24T22:45Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lexmark:z2420:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-10T19:53Z"}