http://www.computerworld.com/s/article/9234118/Samsung_to_issue_firmware_fix_for_printer_security_flaw_on_Friday By John Ribeiro IDG News Service November 29, 2012 Samsung Electronics will close a security hole in the firmware of some of its printers by issuing an update on Friday, and said they could be protected by disabling SNMP. The affected printers have a backdoor administrator account hard-coded in their firmware that does not require authentication and can be accessed over the Simple Network Management Protocol (SNMP) interface, the U.S. Computer Emergency Readiness Team (US-CERT) said earlier this week in an advisory. The affected Samsung printers, and some Dell printers made by Samsung, contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility, US-CERT said. SNMP is an Internet protocol commonly used to monitor and read statistics from network-attached devices. [...] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.orgReceived on Fri Nov 30 2012 - 10:33:12 PST
This archive was generated by hypermail 2.2.0 : Fri Nov 30 2012 - 10:47:45 PST