Details of VAR-200407-0032

ID

VAR-200407-0032

CVE

CVE-2004-0740

TITLE

Lexmark printer HTTP Service Remote Denial of Service Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200407-087

DESCRIPTION

The HTTP server in Lexmark T522 and possibly other models allows remote attackers to cause a denial of service (server crash, reload, or hang) via an HTTP header with a long Host field, possibly triggering a buffer overflow. T522 Network Printer is prone to a denial-of-service vulnerability. The HTTP service program of the Lexmark printer does not process some HTTP requests correctly. Remote attackers can use this vulnerability to carry out a denial of service attack on the printer WEB service

Trust: 1.26

sources: NVD: CVE-2004-0740 // BID: 90589 // VULHUB: VHN-9170

AFFECTED PRODUCTS

vendor:	lexmark	model:	t522 network printer	scope:	eq	version:	*	Trust: 1.0
vendor:	lexmark	model:	t522 network printer	scope:	-	version:	-	Trust: 0.9

sources: BID: 90589 // CNNVD: CNNVD-200407-087 // NVD: CVE-2004-0740

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-0740
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200407-087
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-9170
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2004-0740
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-9170
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-9170 // CNNVD: CNNVD-200407-087 // NVD: CVE-2004-0740

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-0740

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200407-087

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200407-087

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-9170

EXTERNAL IDS

db:	NVD	id:	CVE-2004-0740	Trust: 2.0
db:	XF	id:	16752	Trust: 0.9
db:	CNNVD	id:	CNNVD-200407-087	Trust: 0.7
db:	BUGTRAQ	id:	20040720 DENIAL OF SERVICE VULNERABILITY IN SEVERAL LEXMARK HTTP SERVERS	Trust: 0.6
db:	BID	id:	90589	Trust: 0.4
db:	EXPLOIT-DB	id:	358	Trust: 0.1
db:	VULHUB	id:	VHN-9170	Trust: 0.1

sources: VULHUB: VHN-9170 // BID: 90589 // CNNVD: CNNVD-200407-087 // NVD: CVE-2004-0740

REFERENCES

url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/16752	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=109035701329111&w=2	Trust: 1.0
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=109035701329111&w=2	Trust: 0.9
url:	http://xforce.iss.net/xforce/xfdb/16752	Trust: 0.9
url:	http://marc.info/?l=bugtraq&m=109035701329111&w=2	Trust: 0.1

sources: VULHUB: VHN-9170 // BID: 90589 // CNNVD: CNNVD-200407-087 // NVD: CVE-2004-0740

CREDITS

Peter Kruse※ kruse@krusesecurity.dk

Trust: 0.6

sources: CNNVD: CNNVD-200407-087

SOURCES

db:	VULHUB	id:	VHN-9170
db:	BID	id:	90589
db:	CNNVD	id:	CNNVD-200407-087
db:	NVD	id:	CVE-2004-0740

LAST UPDATE DATE

2024-08-14T14:00:45.906000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-9170	date:	2017-07-11T00:00:00
db:	BID	id:	90589	date:	2004-07-27T00:00:00
db:	CNNVD	id:	CNNVD-200407-087	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-0740	date:	2017-07-11T01:30:25.857

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-9170	date:	2004-07-27T00:00:00
db:	BID	id:	90589	date:	2004-07-27T00:00:00
db:	CNNVD	id:	CNNVD-200407-087	date:	2004-07-27T00:00:00
db:	NVD	id:	CVE-2004-0740	date:	2004-07-27T04:00:00