Lexmark Markvision Enterprise Remote Command Execution

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote web server has a web application that is affected by a
remote command execution vulnerability.

Description :

The version of Lexmark Markvision installed on the remote host is
earlier than 1.8.0 and gets installed with a Groovy Shell (intended for
diagnostic purposes) that binds to TCP port 9789. This could allow
for commands to be executed by an unauthenticated, remote attacker.

Note that this plugin does not verify that Groovy Shell is listening and
instead only does a version check of Lexmark Markvision install.

See also :

http://www.nessus.org/u?db169a54

Solution :

Upgrade to Lexmark Markvision 1.8.0 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 66328 ()

Bugtraq ID: 59513

CVE ID: CVE-2013-3055