Axis Print Server Denial of Service Vulnerability

vendor:

Print Server

by:

SecurityFocus

7.5

CVSS

HIGH

Denial of Service

400

CWE

Product Name: Print Server

Affected Version From: 6.1

Affected Version To: 6.2

Patch Exists: YES

Related CWE: N/A

CPE: h:axis:print_server_560

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2002

Axis Print Server Denial of Service Vulnerability

It has been reported that an attacker may make a malicious HTTP request that will trigger an exception in the affected server, effectively denying service to legitimate users. It should be noted that while this vulnerability has been reported to affect the web interface of Axis Print Server 560 and 5600 running firmware versions 6.10, 6.15 and 6.20, other versions might also be affected.

Mitigation:

It is recommended to upgrade to the latest version of the firmware to mitigate this vulnerability.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8096/info

Axis Print Server web interface could expose the device to a denial of service vulnerability. 

It has been reported that an attacker may make a malicious HTTP request that will trigger an exception in the affected server, effectively denying service to legitimate users.

It is not known if the denial of service is limited to the web interface or the entire appliance.

It should be noted that while this vulnerability has been reported to affect the web interface of Axis Print Server 560 and 5600 running firmware versions 6.10, 6.15 and 6.20, other versions might also be affected.

http://ps/u_server.shtm?port=a_server.shtm
http://ps/u_server.shtm?port=<!--
http://ps/?_