8 matches found
HP LaserJet Directory Traversal in PJL Interface
漏洞分析 密码爆破 惠普官方已经在2010年11月的安全通告上发布了漏洞解决办法,用户可以通过禁用 PJL 的文件系统访问权限或重新设置 PJL 密码来解决此问题。但 PJL 的安全密码是范围1-65535的数字,密码认证次数和频率并没有限制,远程攻击者可以通过爆破可以将 PJL 的密码安全保护禁用,进而可绕过密码验证通过 PJL 对打印机内置的文件系统进行读写。文件系统包含后台处理打印作业、收到的传真、日志文件和配置文件。 使用以下 Python3 程序对系统进行漏洞检测: 如果打印出“PoC OK!”,说明系统存在漏洞。PoC...
HP LaserJet PJL Interface Directory Traversal (HPSBPI02575)
The remote host's PJL interface fails to sanitize input to the 'name' parameter of the 'fsdirlist' command before using it. An attacker can leverage this issue using a directory traversal sequence to view arbitrary files on the affected host within the context of the PJL service. Information...
HP LaserJet printer PJL interface directory traversal vulnerability-vulnerability warning-the black bar safety net
HP LaserJet is HP printer, comprising a plurality of models. HP LaserJet to the MFP device in the PJL file system access interface there is a directory traversal vulnerability that could lead to sensitive information disclosure and is likely to be modified. This includes the background processing...
n.runs-SA-2010.003 - Hewlett Packard LaserJet MFP devices - Directory Traversal in PJL interface
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2010.003 16-Nov-2010 Vendor: Hewlett-Packard, http://www.hp.com Affected Products: Various HP LaserJet MFP devices See HP advisory 3 for the complete list Vulnerability: Directory Traversal in PJL interface Risk: HIGH Vendor...
HP LaserJet Directory Traversal in PJL Interface
Exploit for hardware platform in category remote exploits ================================================ HP LaserJet Directory Traversal in PJL Interface ================================================ Vendor: Hewlett-Packard, http://www.hp.com Affected Products: Various HP LaserJet MFP device...
HP LaserJet - Directory Traversal in PJL Interface
HP LaserJet - Directory Traversal in PJL Interface n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2010.003 16-Nov-2010 Vendor: Hewlett-Packard, http://www.hp.com Affected Products: Various HP LaserJet MFP devices See HP advisory 3 for the complete list Vulnerability: Directory...
HP LaserJet - Directory Traversal in PJL Interface
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2010.003 16-Nov-2010 Vendor: Hewlett-Packard, http://www.hp.com Affected Products: Various HP LaserJet MFP devices See HP advisory 3 for the complete list Vulnerability: Directory Traversal in PJL interface Risk: HIGH Vendor...
HPSBPI02575 SSRT090255 rev.3 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files
Potential Security Impact Remote unauthorized access to files VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP LaserJet MFP printers, HP Color LaserJet MFP printers, and certain HP LaserJet printers. The vulnerability could be exploited remotely to gain...