Authentication flaw

The web service on Epson WorkForce WF-2861 10.48 LQ22I3Recovery-mode, WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA devices allows remote attackers to upload a firmware file and reset the printer without authentication by making a request to the /DOWN/FIRMWAREUPDATE/ROM1 URI and a POST request t...

SRC-2019-0025 : Foxit Reader PDF Printer proxyDoAction opcode Stack Buffer Overflow Elevation of Privilege Vulnerability

Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

SRC-2019-0030 : Foxit Reader PDF Printer proxyGetAppEdition Stack Buffer Overflow Elevation of Privilege Vulnerability

Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

SRC-2019-0029 : Foxit Reader PDF Printer proxyDoAction opcode 0x100000 Stack Buffer Overflow Elevation of Privilege Vulnerability

Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

SRC-2019-0028 : Foxit Reader PDF Printer proxyDoAction opcode 0x200000 Stack Buffer Overflow Elevation of Privilege Vulnerability

Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

PewDiePie Hackers Say They Launched Second Printer Siege

UPDATE Hackers have claimed that they launched yet another attack tricking hundreds of thousands of printers globally to print pamphlets promoting YouTube celebrity “PewDiePie.” The latest incident comes on the heels of a similar hack last month. That’s when hackers claimed they commandeered 50,0...

ctdb, libsmbclient, libwbclient, samba security update

CentOS Errata and Security Advisory CESA-2018:3056 An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVE-2018-18006

Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of related Google cloud printers, encrypted passwords of mail servers, and names of printed files...

Medium: samba

Issue Overview: A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cause the printer spooler service to crash.CVE-2018-1050 A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory...

TV B Gone Kit - New Universal Device Case

Document Title: =============== TV B Gone Kit - New Universal Device Case References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2172 Download: https://www.vulnerability-lab.com/resources/documents/TVBGoneKitSTL.zip Informativ: https://learn.adafruit.com/tv-b-gone-kit/overvie...

TV B Gone Kit - New Universal Device Case

Document Title: =============== TV B Gone Kit - New Universal Device Case References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2172 Download: https://www.vulnerability-lab.com/resources/documents/TVBGoneKitSTL.zip Informativ: https://learn.adafruit.com/tv-b-gone-kit/overvie...

YouTuber PewDiePie Promoted Via 50K Hacked Printers

A hacker claims to have commandeered 50,000 printers globally in order to print pamphlets promoting YouTube star “PewDiePie.” The alleged widespread hack sheds light on just how insecure printers are, and how precarious printer vulnerabilities could be when they offer an easy route into the...

Someone Hacked 50,000 Printers to Promote PewDiePie YouTube Channel

This may sound crazy, but it's true! The war for "most-subscribed Youtube channel" crown between T-Series and PewDiePie just took an interesting turn after a hacker yesterday hijacked more than 50,000 internet-connected printers worldwide to print out flyers asking everyone to subscribe to...

Someone Hacked 50,000 Printers to Promote PewDiePie YouTube Channel

This may sound crazy, but it's true! The war for "most-subscribed Youtube channel" crown between T-Series and PewDiePie just took an interesting turn after a hacker yesterday hijacked more than 50,000 internet-connected printers worldwide to print out flyers asking everyone to subscribe to...

Scientific Linux Security Update : samba on SL7.x x86_64 (20181030)

Security Fixes : - samba: Weak authentication protocol regression CVE-2018-1139 - samba: Insufficient input validation in libsmbclient CVE-2018-10858 - samba: NULL pointer dereference in printer server process CVE-2018-1050 C Tenable Network Security, Inc. The descriptive text is C Scientific...

Old Printer Vulnerabilities Die Hard

Despite copious warnings and efforts by the security community to harden the defenses of printers, they continue to represent a ripe target for attackers. Just this past summer researchers at Check Point found a vulnerability that allowed an attacker to compromise a multi-function printer with fa...

A week in security (October 29 – November 4)

Last week on Malwarebytes Labs, we looked at a rogue cryptocurrency app installing backdoors, took a dive into the world of printer security, explored browser privacy tweaks, highlighted a music festival–themed breach, and introduced Malwarebytes for Chromebook. Other cybersecurity news Memory...

Lexmark Printer Buffer Overflow Vulnerability (CVE-2018-15519)

Multiple Lexmark printers are prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Lexmark Printer Buffer Overflow Vulnerability (CVE-2018-15520)

Multiple Lexmark printers are prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Removing the jam in your printer security

Printers are an important, invisible—albeit sometimes loud—component of the office. But all too often they’re filled with mystery meat icons, peculiar blinking lights, or error messages with no instruction manual to hand. No problem, you can just print at the next station! Wrong. Printers also...