Re: Cert Advisory 2002-03 and HP JetDirect

From: Russell Fulton (R.FULTONat_private)
Date: Tue Feb 19 2002 - 18:19:51 PST

Next message: 'ken'@FTU: "Four More ScriptEase MiniWeb Server v0.95 DoS Attacks"

Previous message: Martin O'Neal: "Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies"
In reply to: Information Security: "Cert Advisory 2002-03 and HP JetDirect"
Next in thread: Joshua Newton: "Re: Cert Advisory 2002-03 and HP JetDirect"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2002-02-20 at 04:53, Information Security wrote:
> It appears that HP JetDirect firmware is more susceptible to SNMP
> vulnerabilities than originally referenced in the CERT Advisory CA-2002-03
> (http://www.cert.org/advisories/CA-2002-03.html).  Some basic testing with
> Protos on an internal network seems to indicate that devices with JetDirect
> firmware x.08.32 crash each time a single malformed SNMP packet is received.
> The HP Download Manager for JetDirect reports that the printer software is
> up-to-date.

After running the SANS tool for finding machines where snmp is active I
had a number of people say that their HP printers had
a/ hung up and required powering off or resetting
b/ spewed out garbage pages.

-- 
Russell Fulton, Computer and Network Security Officer
The University of Auckland,  New Zealand

Next message: 'ken'@FTU: "Four More ScriptEase MiniWeb Server v0.95 DoS Attacks"
Previous message: Martin O'Neal: "Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies"
In reply to: Information Security: "Cert Advisory 2002-03 and HP JetDirect"
Next in thread: Joshua Newton: "Re: Cert Advisory 2002-03 and HP JetDirect"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Feb 20 2002 - 16:38:51 PST