[33235] in bugtraq
Re: vulnerabilities of postscript printers
daemon@ATHENA.MIT.EDU (Stephen Samuel)
Sat Jan 24 15:00:12 2004
Message-ID: <4012C5A9.10702@bcgreen.com>
Date: Sat, 24 Jan 2004 11:21:13 -0800
From: Stephen Samuel <samuel@bcgreen.com>
MIME-Version: 1.0
To: Darren Reed <avalon@caligula.anu.edu.au>, bugtraq@securityfocus.com
In-Reply-To: <200401232001.i0NK1IXV013239@caligula.anu.edu.au>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Darren Reed wrote:
> Btw, someone else mentioned something to the effect that hard drives
> were "new" to printers. Hard drives have been in printers for ~10 years
> (if not more) where you needed 100MB or so of space to spool print jobs.
Hard drives were available for the first of the Apple postscript
laser printers... In fact it was a standing joke that the
printers had more CPU power than the machines they were serving.
There were also a couple of postscript printers that had sun
workstations in their guts... They allowed telnet logins with
trivial (or no) root passwords.
----
I remember one case where someone had attached his PS printer
to a building wide (apartment) net. Didn't use DHCP so he just
assigned it a random address (that conflicted with available DHCP
allocations).
Somebody from the support group logged in to the printer,
did some investigation on it. The end solution was
to print a message on his printer asking him to call the
support group for help.
--
Stephen Samuel +1(604)876-0426 samuel@bcgreen.com
http://www.bcgreen.com/~samuel/
Powerful committed communication. Transformation touching
the jewel within each person and bringing it to light.
