Wednesday, June 14

Problems with Linksys PSUS4 firmware rev 6033

In one location, I am using a Linksys PSUS4 printserver, firmware rev 6033, on a small LAN in a mixed operating system environment. The PSUS4 is connected via USB to a Brother HL-1440 printer.

Whenever the printserver is sent a large print job, it hangs the device. Worse, at least on my LAN for some reason whenever the device hangs every other device on the LAN, except the device originally sending the packets/printjob to the PSUS4, loses its connection to the router.

This may be related to a DoS vulnerability previously published on the device, more information here. If you use this device, I recommend restricting HTTP access and monitoring the jobs sent to the device. Unfortunately, there does not seem to be any IP filtering built into the device.

Due to these vulnerabilities, I cannot recommend the use of that device. Linksys has known about this DoS vulnerability for more than a year, and they are still propagating a firmware revision from 2004.

2 comments:

scott said...

Aaron, I'm getting a message saying the device is busy or cannot be found. Did you run into this issue?

Treasure State Jew said...

Scott;

No. However, I have found that cycling the power on the device is generally all it takes to bring it up.

I still think it is a piece of junk. There are other USB printservers that aren't as vulnerable. At a minimum, I would not use the device as a switch. Too much complication in the plumbing!