I am summarizing a number of replies to the printer vulnerability threads. Tektronix: Vulnerable: Phaser 360 - Wyman Eric Miles <wymanmat_private> Phaser 840 - HC Security <securitat_private> Phaser 780 - "Tim Adams" <TAdamsat_private> Not Vulnerable: Phaser 360 - HC Security <securitat_private> HP JetDirect overflow: Not Vulnerable: Firmware Revision G.07.17 - Jens Hektor <hektorat_private-aachen.de> Vulnerable: JetDirect 300x print server J3263A firmware H.06.00 - olivier Schott <ostat_private> To disable port 80 use the command: ews-config: 0 >From David Foster <fosterat_private>: If you are using bootp/tftp to configure your printers, you can specify an allowed IP range in /tftpboot/<printer-name>.cfg, like: xxx.yyy.zzz.0 255.255.255.0 -- Elias Levy Security Focus http://www.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:13:50 PDT