Hi, my last message concerning three commons vulnerabilities on Nashuatec printers model D445 is also available for the D435 series. These two models of printers are vulnerables to: 1- ftp bounce attack 2- adm web server cgi buffer overflow ( eg: reset ) 3- (icmp redirect storm) denial of service attack now a little update (about the two series): 4- By default, a "guest" account (password guest) allow everybody to authenticate himself to the telnet service. That's not exactly what we should call a security hole since everybody can connect to the web server with exactly the same priviledge and without any needed authentication. 5- the telnetd daemon no longer listen on its port after only one syn stealth scan (try nmap "-sS" option).This behavior suggest that this version of telnetd is unable to manage simultaneous connection requests resulting in a possible denial of service attack. Have a nice day ****************** Gregory Duchemin Security & networks Engineer Email: veille@securite-internet.com http://www.securite-internet.com
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:12:59 PDT