Bugtraq ID 814 (Nov 18, 1999) discusses a buffer overflow in the HP JetDirect Internal Webserver. Any firmware version prior to 7.xx would crash when accessed via http: //printer IP address/256 character string here Is this the issue here? My 60+ HP Printers all with JetDirect cards at firmware 8.32 didn't seem to be affected by the worm. I know a more recent advisory discussed buffer overflows in versions as new as 8.20, but the Web server was not listed as vulnerable. The original firmware in my 4000TN was 5.34, which was definitely vulnerable to the Web buffer overflow, as it was the first printer that I tested at the time. Perhaps someone who had this problem with the worm can verify their firmware version? Brian ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Jul 23 2001 - 12:02:36 PDT