COMMAND

    Lexmark MarkVision

SYSTEMS AFFECTED

    Lexmark MarkVision printer drivers versions below 4.4

PROBLEM

    Following  is  based  on  a  Secure Reality Advisories SRADV00007.
    MarkVision is a printer  administration package from Lexmark.   In
    addition  to  software  to  remotely  administer  printers it also
    provides  printer  drivers  for  a  wide  variety  of printers for
    various flavours of Unix.

    Several of  the utilities  that make  up the  Unix printer drivers
    contain command line buffer overflows.  As some of these utilities
    are installed setuid root, a local attacker can trivially  exploit
    the vulnerabilities to execute arbitrary code as root.

    Secure  Reality  successfully  exploited  command  line  overflows
    against the following setuid root programs:

        - /usr/local/lexmark/markvision/bin/cat_network - Heap overflow
        - /usr/local/lexmark/markvision/bin/cat_parallel - Stack overflow
        - /usr/local/lexmark/markvision/bin/cat_serial - Stack overflow

    They tested  their exploits  on the  Linux version  of the drivers
    under Redhat 6.2.  The stack overflows, at least, should  obviously
    be exploitable on all the other platforms the drivers are available
    for; the heap overflow may not be.  They have not tested either case.
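
    The following is an added illustration, not Lexmark's code and not
    taken from the Secure Reality advisory: a hypothetical utility that
    copies a device-name argument into a fixed 64-byte buffer, first in
    the unchecked form that produces this class of overflow, then in a
    bounded form that rejects oversized arguments.  DEVICE_MAX and all
    function names are assumptions for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define DEVICE_MAX 64   /* hypothetical fixed-size buffer for this example */

/* The pattern behind a command-line overflow: argv[1] is copied into a
 * fixed-size stack buffer with no length check.  In a setuid-root program
 * an over-long argument corrupts the stack with the caller's bytes.  */
void copy_device_unchecked(const char *arg)
{
    char device[DEVICE_MAX];
    strcpy(device, arg);            /* overruns 'device' beyond 63 bytes */
    printf("device: %s\n", device);
}

/* Hardened form: refuse anything that does not fit, then copy with an
 * explicit bound.  Returns 0 on success, -1 if 'arg' is too long.  */
int copy_device_checked(const char *arg, char *dst, size_t dstlen)
{
    const char *nul = memchr(arg, '\0', dstlen);
    if (nul == NULL)                /* no terminator within dstlen: too long */
        return -1;
    memcpy(dst, arg, (size_t)(nul - arg) + 1);
    return 0;
}

/* Returns 1 if 'arg' is accepted into a DEVICE_MAX buffer, 0 if rejected. */
int device_arg_ok(const char *arg)
{
    char device[DEVICE_MAX];
    return copy_device_checked(arg, device, sizeof device) == 0;
}

/* Builds a constructed argument of 'len' bytes ('A's) and reports whether
 * the checked copy accepts it, so the boundary can be probed safely.  */
int arg_of_length_ok(size_t len)
{
    char *arg = malloc(len + 1);
    int ok;
    if (arg == NULL)
        return 0;
    memset(arg, 'A', len);
    arg[len] = '\0';
    ok = device_arg_ok(arg);
    free(arg);
    return ok;
}
```

    The checked copy accepts any argument of 63 bytes or fewer and rejects
    64 bytes or more, which is exactly the boundary the unchecked strcpy
    ignores.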

SOLUTION

    Please upgrade  to the  latest version  of the  MarkVision drivers
    (4.4) at

        ftp://ftp.lexmark.com/pub/driver/unix/MarkVision/V4.4