[14611] in bugtraq
Re: DOS attack against HP JetDirect Printers (fwd)
daemon@ATHENA.MIT.EDU (Gwendolynn ferch Elydyr)
Fri Apr 21 14:34:36 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.BSF.3.96.1000420221252.6343m-100000@komodo.reptiles.org>
Date: Thu, 20 Apr 2000 22:17:15 -0400
Reply-To: Gwendolynn ferch Elydyr <gwen@REPTILES.ORG>
From: Gwendolynn ferch Elydyr <gwen@REPTILES.ORG>
X-To: Alfred Huger <ah@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.GSO.4.21.0004200844560.1300-100000@mail>
On Thu, 20 Apr 2000, Alfred Huger wrote:
> In case anyone is interested, scanning HP printers with
> tools such as nmap will cause the printer to lock up hard.
> I discovered this while trying to diagnose a connection
> problem we were having with a printer.
> I've verified this with at least the following versions of
> JetDirect:
>
> Firmware Rev. : A.08.06
> Firmware Rev. : G.08.03
> Firmware Rev. : G.07.17
> Firmware Rev. : G.07.03
>
> I haven't been able to establish the exact communications
> causing the lockup; someone with more experience than I
> should check this out.
>
> Any network accessable printer can be put out of service
> with a simple nmap -sT -PT HP.printer.tcp.ip
> A power cycle is required for reset.
This sounds like it might be related to an older bug in the JetDirect
cards - about 3 years ago, simultanious connections to a JetDirect card
would cause the card to lock up, with the only recourse being a power
cycle of the printer.
Multiple (2+) TCP connections would trigger this, as would AppleTalk/TCP.
I haven't checked it in a couple of years, but it was certainly persistant
through multiple revs of the JetDirect cards.
cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet. This is the defining metaphor of my life right now."
