Basic search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16500
HistoryMar 28, 2007 - 12:00 a.m.

[Full-disclosure] Remote DOS HP JetDirect Print Servers

2007-03-2800:00:00
vulners.com
18

Vulnerability : Remote DOS HP JetDirect Print Servers
Product : HP JetDirect Print Servers "HP LaserJet Series"
By: Handrix <handrix_at_morx_org>
26 March 2007
MorX security research team
www.morx.org

±------------+

Description
±------------+
HP JetDirect print servers allow you to connect printers and other
devices directly to a network.
Such devices provide a variety of embeded services online, as like as ftp,
snmp, web server, tftp … and other daemon.
However under a passive connection to the ftp's printers, and by sending a
RERT command
with a big rang of data (271 to 277 char) as pathname, the ftp server turn
down,
which cause the crash of the the engine.
±--------------------------------------------------------------------------------------------

±--------+

Example
±--------+
% python /usr/lib/python2.4/ftplib.py -d [vulnerable host] -l -p `python
-c 'print "A"*300'`
±---------------------------------------------------------------------------------------------

±-------------------+

Version vulnerable
±-------------------+
Hewlett-Packard FTP Print Server Version 2.4 and prior
±--------------------------------------------------------------------------------------------

±---------+

Solution
±---------+
Upgrade your drivers for your printers.
By consulting the web page : http://www.hp.com/support/net_printing
±--------------------------------------------------------------------------------------------