[24345] in bugtraq
Re: Cert Advisory 2002-03 and HP JetDirect
daemon@ATHENA.MIT.EDU (Russell Fulton)
Wed Feb 20 19:41:03 2002
From: Russell Fulton <R.FULTON@auckland.ac.nz>
To: Information Security <InformationSecurity@federatedinv.com>
Cc: "'bugtraq@securityfocus.com'" <bugtraq@securityfocus.com>
In-Reply-To:
<D5E5F4682E75D41185CD00D0B79DC56F04BB1AB3@exchfed01.federatedinv.com>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Date: 20 Feb 2002 15:19:51 +1300
Message-Id: <1014171594.3237.115.camel@bloodnock>
Mime-Version: 1.0
On Wed, 2002-02-20 at 04:53, Information Security wrote:
> It appears that HP JetDirect firmware is more susceptible to SNMP
> vulnerabilities than originally referenced in the CERT Advisory CA-2002-03
> (http://www.cert.org/advisories/CA-2002-03.html). Some basic testing with
> Protos on an internal network seems to indicate that devices with JetDirect
> firmware x.08.32 crash each time a single malformed SNMP packet is received.
> The HP Download Manager for JetDirect reports that the printer software is
> up-to-date.
After running the SANS tool for finding machines where snmp is active I
had a number of people say that their HP printers had
a/ hung up and required powering off or resetting
b/ spewed out garbage pages.
--
Russell Fulton, Computer and Network Security Officer
The University of Auckland, New Zealand
