Brother printers contain denial of service weakness

Nov 8, 2017

A security advisory by Trustwave has revealed that the firm has uncovered a denial-of-service vulnerability in Brother printers which is not being addressed.

Following on from the reports of the inadvertent exposure of almost 700 Brother printers last month, The Inquirer now reveals that Trustwave’s Spiderlabs has investigated the OEM’s devices and said “that a hole in the system could allow a remote attacker to launch a denial of service attack”. The firm’s security advisory also went on to say that “general poor access control is rampant on the internet” and this “could enable some large and damaging attacks on organisations of all sizes.”

“A single malformed HTTP request can cause the server to hang until eventually replying with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web interface is inaccessible. An attacker can continuously send this malformed request to keep the device inaccessible to legitimate traffic,” said Spiderlabs.

“Some people dismiss Denial of Service attacks as a mere nuisance, but they can tie up resources and reduce productivity at any organisation. They can also be used as a part of an in-person attack on an organisation,” it added.

“For instance, an attacker can launch a Denial of Service like this one and then show up at the organisation as the ‘technician’ called to fix the problem. Impersonating a technician would allow the attacker direct physical access to IT resources that they might never have been able to access remotely.”

Despite the discovery of the printer’s vulnerability, Brother “has chosen to ignore it” and after “four attempts to discuss the issue” Trustwave released details of the problem “along with a proof of concept”.

“No patch currently exists for this issue,” Trustwave commented. “To limit exposure, network access to these devices should be limited to authorized personnel through the use of Access Control Lists and proper network segmentation”.
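The mitigation Trustwave recommends is access control rather than a firmware fix: only the hosts that genuinely need to reach a printer should be able to, and the printer VLAN should be unreachable from everywhere else. The following is an added example, not code from Trustwave, Brother or the article, of what such a policy looks like when written down and checked before it is pushed to a firewall. The subnets, host addresses and port numbers are constructed placeholders for a small office (a printer VLAN, a print-server range and an admin range); the rendering to nftables syntax is one possible target and is an assumption about the reader's firewall, not something the advisory specifies.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed addressing plan (placeholders, not from the advisory):
PRINTER_SUBNET = ipaddress.ip_network("10.20.30.0/24")  # VLAN holding the printers
PRINT_SERVERS = ipaddress.ip_network("10.20.10.0/28")   # hosts allowed to spool jobs
MGMT_HOSTS = ipaddress.ip_network("10.20.99.0/27")      # admin workstations
ANY_V4 = ipaddress.ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Rule:
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    proto: str
    ports: Optional[Tuple[int, ...]]  # None means "any destination port"
    action: str                       # "allow" or "deny"
    comment: str


# Ordered policy: first match wins, and the last rule denies everything
# else aimed at the printer VLAN, so an arbitrary host (internal or on the
# internet) can no longer reach the embedded web server at all.
POLICY = [
    Rule(MGMT_HOSTS, PRINTER_SUBNET, "tcp", (80, 443), "allow",
         "web UI only from admin hosts"),
    Rule(PRINT_SERVERS, PRINTER_SUBNET, "tcp", (9100, 631), "allow",
         "raw and IPP printing from the spoolers only"),
    Rule(ANY_V4, PRINTER_SUBNET, "tcp", None, "deny",
         "everything else to the printer VLAN is dropped"),
]


def evaluate(src_ip: str, dst_ip: str, proto: str, dst_port: int) -> Tuple[str, str]:
    """Return (action, comment) for a single flow, walking POLICY in order.

    Flows that match no rule fall through to an implicit deny, which is how
    the segmentation the advisory asks for should behave by default.
    """
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for rule in POLICY:
        if (src in rule.src and dst in rule.dst and proto == rule.proto
                and (rule.ports is None or dst_port in rule.ports)):
            return rule.action, rule.comment
    return "deny", "implicit deny"


def to_nftables(rule: Rule) -> str:
    """Render one Rule as an nftables rule line (assumed deployment target)."""
    parts = [f"ip saddr {rule.src}", f"ip daddr {rule.dst}"]
    if rule.ports is not None:
        port_set = ", ".join(str(p) for p in sorted(rule.ports))
        parts.append(f"{rule.proto} dport {{ {port_set} }}")
    parts.append("accept" if rule.action == "allow" else "drop")
    return " ".join(parts) + f"  # {rule.comment}"


if __name__ == "__main__":
    # Constructed sample flows: who should and should not reach a printer.
    samples = [
        ("10.20.99.5", "10.20.30.10", "tcp", 443),   # admin -> web UI: allow
        ("10.20.10.3", "10.20.30.10", "tcp", 9100),  # spooler -> raw print: allow
        ("10.20.10.3", "10.20.30.10", "tcp", 80),    # spooler -> web UI: deny (least privilege)
        ("10.20.50.7", "10.20.30.10", "tcp", 80),    # ordinary workstation: deny, print via spooler
        ("203.0.113.5", "10.20.30.10", "tcp", 80),   # internet host: deny
    ]
    for flow in samples:
        action, why = evaluate(*flow)
        print(f"{flow[0]:>12} -> {flow[1]}:{flow[3]}/{flow[2]}  {action:5}  ({why})")
    print()
    for r in POLICY:
        print(to_nftables(r))
```

Note that this policy does not remove the hang; it only shrinks the set of hosts that can send the request to the admin and spooler ranges, which is exactly the residual risk the advisory accepts in the absence of a patch. Keeping the policy as data and evaluating sample flows before rendering it means the deny-by-default behaviour is checked rather than assumed.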
