7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
Remote Denial of Service (DoS)
A potential vulnerability has been identified with HP Jetdirect running ftp. The vulnerability could be exploited remotely to create a Denial of Service (DoS).
This vulnerability can be resolved by upgrading the Jetdirect firmware.
There is also a workaround for this vulnerability by making configuration changes.
Recent Jetdirect products use firmware revision x.25.nn or greater and are not vulnerable. Some older Jetdirect products allow the firmware to be upgraded and others do not.
To learn how to upgrade Jetdirect firmware, see Update firmware for a single JetDirect Print Server using Jetdirect EWS or FTP.
For J4169A 610n - upgrade the firmware to version L.25.nn or greater.
For J6057A 615n - upgrade the firmware to version R.25.nn or greater.
Other older Jetdirect products running versions from x.20.nn up to and including x.24.nn are potentially vulnerable. The firmware for these products cannot be upgraded. The potential vulnerability can be avoided by disabling ftp or using access control lists as discussed in the whitepaper βHP Jetdirect Security Guidelinesβ mentioned above.