136 matches found
EUVD-2000-1049
Malware in sbrugna...
Printer Job Language (PJL) / Printer Command Language (PCL) Detection
The remote service supports the Printer Job Language PJL and/or Printer Command Language PCL protocol and answered to a PJL and/or PCL request. This indicates the remote device is probably a printer running JetDirect. Through PJL/PCL, users can submit printing jobs, transfer files to or from the...
HP Jetdirect - Path Traversal Arbitrary Code Execution Exploit
Exploit for unix platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "rex/proto/pjl" class MetasploitModule 'HP Jetdirect Path Traversal Arbitrary Code Execution', 'Description...
HP Jetdirect Path Traversal Arbitrary Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "rex/proto/pjl" class MetasploitModule 'HP Jetdirect Path Traversal Arbitrary Code Execution', 'Description' = %q The module exploits a path traversal via...
HP Jetdirect - Path Traversal Arbitrary Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "rex/proto/pjl" class MetasploitModule 'HP Jetdirect Path Traversal Arbitrary Code Execution', 'Description' = %q The module exploits a path traversal via...
HP Jetdirect Path Traversal Arbitrary Code Execution
The module exploits a path traversal via Jetdirect to gain arbitrary code execution by writing a shell script that is loaded on startup to /etc/profile.d. Then, the printer is restarted using SNMP. Impacted printers: HP PageWide Managed MFP P57750dw HP PageWide Managed P55250dw HP PageWide Pro MF...
HPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products
Potential Security Impact Remote disclosure of information. Source:Mathy Vanhoef of imec-DistriNet, KU Leuven VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP Printers and MFPs, and HP JetDirect Networking accessories using WPA or WPA2. This vulnerabili...
HP Printing Security Advisory - KRACK Attacks Potential Vulnerabilities
Potential Security Impact KRACK Attacks VULNERABILITY SUMMARY On October 16, security researchers publicly announced vulnerabilities in the WiFi WPA2 standard. See the References section below for links to additional resources describing the KRACK Attacks WPA2 potential vulnerabilities in detail...
HP JetDirect unauthorized access
HP JetDirect unauthorized access Vulnerability details HP printers offer telnet the remote control the default not set the password exposed in the public network on a large number of devices may remotely view the printer's various details the use of the state, as well as the detailed configuratio...
HPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information
Potential Security Impact Remote disclosure of information VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP LaserJet Printers and MFPs, certain HP OfficeJet Printers and MFPs, and certain HP JetDirect Networking cards using OpenSSL. This is the SSLv3...
Xerox Administrator Console Password Extractor
This module will extract the management console's admin password from the Xerox file system using firmware bootstrap injection. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xerox Administrat...
HP JetDirect J3111A Invalid FTP Command DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1491/info HP JetDirect firmware is vulnerable to a Denial of Service attack. JetDirect devices have an FTP service which fails to properly handle bad FTP commands sent with the ftp quote command. This causes the device to...
HP JetDirect rev. G.08.x/rev. H.08.x/x.08.x/J3111A LCD Display Modification Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2245/info Certain versions of HP JetDirect enabled printers provide a function PJL command that changes the LCD display on a printer over TCP/IP. Arbitrary strings can be sent to the LCD display by a remote user using thi...
HP JetDirect PJL Interface Universal Path Traversal
No description provided by source. Exploit Title: HP JetDirect PJL Interface Universal Path Traversal Date: Aug 7, 2011 Author: Myo Soe YGN Ethical Hacker Group - http://yehg.net/ Software Link: http://www.hp.com Version: All Tested on: HP LaserJet Pxxxx Series $Id: $ This file is part of the...
HP JetDirect PJL Query Execution
No description provided by source. Exploit Title: HP JetDirect PJL Query Execution Date: Aug 7, 2011 Author: Myo Soe YGN Ethical Hacker Group - http://yehg.net/ Software Link: http://www.hp.com Version: All Tested on: HP LaserJet Pxxxx Series $Id: $ This file is part of the Metasploit Framework a...
HP Jetdirect FTP Print Server RERT Command Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23168/info HP JetDirect FTP Print Server is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue on an affected computer to deny service to legitimate users. FTP Print Server 2.4 and prior...
HP JetDirect Printer SNMP JetAdmin Device Password Disclosure Vulnerability
No description provided by source. HP JetDirect J2552A/J2552B/J2591A/J3110A/J3111A/J3113A/J3263A/300.0 X Printer SNMP JetAdmin Device Password Disclosure Vulnerability source: http://www.securityfocus.com/bid/7001/info A problem with JetDirect printers could make it possible for a remote user to...
HP LaserJet Printers Unauthenticated Access (Telnet)
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted...
DDIVRT-2011-37 HP JetDirect Device Page Directory Traversal (CVE-2011-4785)
Title: DDIVRT-2011-37 HP JetDirect Device Page Directory Traversal CVE-2011-4785 Severity: High Date Discovered: 2011-10-12 Discovered By: Digital Defense, Inc. Vulnerability Research Team Credited To: sxkeebler and r@b13$ Vulnerability Description: The HP-ChaiSOE/1.0 embedded web server on certa...
HP JetDirect PJL Interface Universal Path Traversal
Exploit Title: HP JetDirect PJL Interface Universal Path Traversal Date: Aug 7, 2011 Author: Myo Soe Software Link: http://www.hp.com Version: All Tested on: HP LaserJet Pxxxx Series $Id: $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial...