[12685] in bugtraq
Re: buffer overflow in HP JetDirect module (probably affects all
daemon@ATHENA.MIT.EDU (Brian)
Mon Nov 22 17:12:52 1999
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="qMm9M+Fa2AknHoGS"
Message-Id: <19991119202120.A10129@ruff.cs.jmu.edu>
Date: Fri, 19 Nov 1999 20:21:20 -0500
Reply-To: Brian <cazz@RUFF.CS.JMU.EDU>
From: Brian <cazz@RUFF.CS.JMU.EDU>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <19991119105700.A13948@informatik.rwth-aachen.de>; from
haustein@INFORMATIK.RWTH-AACHEN.DE on Fri, Nov 19,
1999 at 10:57:00AM +0100
--qMm9M+Fa2AknHoGS
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
> Obviously it's a M680x0 CPU with 512 KB of RAM in our model, so
> writing an exploit should be fairly easy. The nice point about it is
> that most people wouldn't expect their printer to be compromised --
> and since there is no logging on the printer, you can't easily be
> tracked down...
HP JetDirects can have the web server turned off (a good idea) and use
remote syslog to log all connections to the printer. The HP print
server control software automaticly turns the web configuration back
on, so I wouldn't use that, I would physicly go up to the printer and
disable all services you don't need. =20
If only one could add in ip allow ranges, then I would be happy.
-cazz
--qMm9M+Fa2AknHoGS
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE4NfePac/1Eph0QDwRARmNAJ9TX2TCUnoNokmCUlnTFRP+cIulMQCfTygh
dv0s52LKconrt3ZukkjXbGU=
=PU6l
-----END PGP SIGNATURE-----
--qMm9M+Fa2AknHoGS--