Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

oce9400.txt

🗓️ 24 Nov 1999 00:00:00Reported by Larry W. CashdollarType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 27 Views

Oce' 9400 plotters may become an anonymous telnet proxy if misconfigured; enable passwords and logging.

Code
` This appeared on bugtraq in August of 99   
  
I am aware of the Intelligent Peripherals bulletin by CIAC.  
  
http://www.ciac.org/ciac/bulletins/j-019.shtml  
  
I have a few plotters / printers under my audit umbrella and  
noticed something interesting on an Oce' 9400 plotter. The printer has  
the ability to be a telnet proxy. Where as a user can hop via telnet to  
other hosts. If the printer is not setup properly the connections will  
go unlogged.  
  
bunyip% telnet JPP1  
Trying 192.168.38.244...  
Connected to JPP1.  
Escape character is '^]'.  
  
Network Printer Server Version 5.6.3 (192.168.38.244)  
  
login: root  
Password:[Just enter here]  
  
Welcome root user  
  
  
WARNING: current and stored values differ.  
Use 'list diff' command to find the differences.  
Current values will be lost if unit is reset.  
  
192.168.38.244:root> telnet 192.168.38.110  
trying 192.168.38.110 ...  
Connected to 192.168.38.110  
Escape character is '0x18'  
  
Red Hat Linux release 5.9 (Starbuck)  
Kernel 2.2.3-5 on an i586  
login:  
  
192.168.38.244:root> list sysinfo  
name:  
contact:  
location:  
version: 5.6.3  
serial number: 13029  
compiled: Mar 25 1998 loginfo: sys  
logport:  
syslog: 255.255.255.255  
email: NetPrint@<unconfigured>  
dns server: 192.168.38.110  
module: novell, appletalk, netbios  
checksum: 1E54  
  
  
All that is needed is a valid DNS server setup in the plotter  
configuration.  
  
192.168.38.244:root> set sysinfo dns 192.168.38.100  
  
And anyone can use the plotter as an anonymous telnet proxy.  
  
Fix:  
  
Enable passwords for the accounts on the plotter:  
  
syntax: set user add <NAME>  
set user del <NAME>  
set user passwd <NAME> [<PASSWORD>]  
set user type <NAME> root|guest  
set user from default|stored  
  
Enable logging:  
  
syntax: set logpath <LOGPATH> name <NEW_NAME>  
set logpath <LOGPATH> type [[-]job] [[-]user] [[-]pgcnt]  
[[-]cksum]  
[[-]printer] [[-]ioport]  
set logpath <LOGPATH> port <TCP-PORT>|email|syslog  
set logpath from default|stored  
  
Larry W. Cashdollar  
http://vapid.dhs.org   
[email protected]  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
24 Nov 1999 00:00Current
7.4High risk
Vulners AI Score7.4
oce 9400 plottertelnet proxyconfiguration issueenable passwordsenable loggingbugtraq august 1999.
27