Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

SRADV00007.txt

🗓️ 07 Dec 2000 00:00:00Reported by Secure RealityType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 28 Views

Local root compromise via Lexmark MarkVision printer drivers affecting versions below 4.4.

Code
`=================================================  
Secure Reality Pty Ltd. Security Advisory #7 (SRADV00007)  
http://www.securereality.com.au  
=================================================  
  
[Title]  
Local root compromise through Lexmark MarkVision printer drivers  
  
[Released]  
6/11/2000  
  
[Vulnerable]  
Versions below 4.4  
(Specifically the MarkVision drivers package for Unix. Other Lexmark  
drivers, e.g Windows drivers, are not part of MarkVision)  
  
[Overview]  
MarkVision is a printer administration package from Lexmark. In addition to  
software to remotely administer printers it also provides printer drivers  
for a wide variety of printers for various flavours of Unix.  
  
Several of the utilities that make up the Unix printer drivers contain  
command line buffer overflows. As some of these utilities are installed  
setuid root, a local attacker can trivially exploit the vulnerabilities to  
execute arbitrary code as root.  
  
[Impact]  
Local root compromise  
  
[Detail]  
We successfully exploited command line overflows against the following  
setuid root programs:  
- /usr/local/lexmark/markvision/bin/cat_network - Heap oveflow  
- /usr/local/lexmark/markvision/bin/cat_parallel - Stack overflow  
- /usr/local/lexmark/markvision/bin/cat_serial - Stack overflow  
  
We tested our exploits on the Linux version of the drivers under Redhat 6.2.  
Obviously the stack overflows at least should be exploitable on all the  
other platforms the drivers are available for, the heap overflow may not be,  
we have not tested either case.  
  
[Fix]  
Please upgrade to the latest version of the MarkVision drivers (4.4) at  
ftp://ftp.lexmark.com/pub/driver/unix/MarkVision/V4.4  
  
[Acknowledgements]  
While Lexmark did provide a fix for the problem after we disclosed it to  
them, they weren't particularly cooperative or speedy in doing so  
  
[Disclaimer]  
Advice, directions and instructions on security vulnerabilities in this  
advisory do not constitute: an endorsement of illegal behavior; a guarantee  
that protection measures will work; an endorsement of any product or  
solution or recommendations on behalf of Secure Reality Pty Ltd. Content is  
provided as is and Secure Reality Pty Ltd does not accept responsibility for  
any damage or injury caused as a result of its use.  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
07 Dec 2000 00:00Current
0.1Low risk
Vulners AI Score0.1
local root compromiselexmark markvisionunix printer driverscommand line buffer overflowssecurity vulnerabilities.
28