3863 matches found
CVE-2017-14386
The web user interface of Dell 2335dn and 2355dn Multifunction Laser Printers, firmware versions prior to V2.70.06.26 A13 and V2.70.45.34 A10 respectively, is affected by a cross-site scripting vulnerability. Attackers could potentially exploit this vulnerability to execute arbitrary HTML or...
Cross site scripting
The web user interface of Dell 2335dn and 2355dn Multifunction Laser Printers, firmware versions prior to V2.70.06.26 A13 and V2.70.45.34 A10 respectively, is affected by a cross-site scripting vulnerability. Attackers could potentially exploit this vulnerability to execute arbitrary HTML or...
Brother Printer Debut Embedded HTTP Server Detection
Binary data brotherdebutdetect.nbin...
Brother Printer Debut embedded httpd <= 1.20 DoS
According to its self-reported version number, the embedded Debut HTTP server running on the remote Brother printer is equal to or prior to version 1.20. It is, therefore, affected by a denial of service vulnerability.
GHSA-5C8J-XR24-2665 Potential Command Injection in printer
Versions 0.0.1 and earlier of printer are affected by a command injection vulnerability resulting from a failure to sanitize command arguments properly in the printDirect function. Recommendation: Update to version 0.0.2 or later...
Potential Command Injection in printer
Versions 0.0.1 and earlier of printer are affected by a command injection vulnerability resulting from a failure to sanitize command arguments properly in the printDirect function. Recommendation: Update to version 0.0.2 or later...
A vulnerability in Brother printer firmware, related to deficiencies in authentication procedures, allows attackers to gain access to the devices.
The vulnerability in Brother’s firmware is related to deficiencies in the authentication process. After a failed attempt to access the HTTP response, the valid AuthCookie is retained. Exploiting this vulnerability could allow a malicious actor to gain access to the device remotel...
HP to Patch RCE Bug Impacting 50 Enterprise Printer Models
UPDATE: HP Inc. said it has released firmware patches for dozens of enterprise-class printer models affected by an arbitrary code execution bug. According to a security bulletin posted by HP, the vulnerability CVE-2017-2750 is tied to “insufficient solution DLL signature validation” allowing for...
Apple iPhone X Face ID Fooled by a Mask
Apple’s Face ID technology, the centerpiece biometric authentication mechanism for the iPhone X, has been cracked a little more than a week after it was introduced to the public. Researchers from Vietnamese security company Bkav demonstrated that they could fool the technology to unlock the phone...
New Research in Invisible Inks
It's a lot more chemistry than I understand: Invisible inks based on "smart" fluorescent materials have been shining brightly (if only you could see them) in the data-encryption/decryption arena lately.... But some of the materials are costly or difficult to prepare, and many of these inks remain...
foo2zjs Arbitrary File Overwrite Vulnerability
Ubuntu is a GNU/Linux operating system for desktop applications developed by Canonical and the Ubuntu Foundation. Debian unstable and Debian squeeze are both free operating systems created by the Debian Project, with Linux or FreeBSD as the kernel. foo2zjs is one of the printer...
CVE-2014-3741
The printDirect function in lib/printer.js in the node-printer module 0.0.1 and earlier for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in the lpr command...
UBUNTU-CVE-2014-3741
The printDirect function in lib/printer.js in the node-printer module 0.0.1 and earlier for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in the lpr command...
CVE-2014-3741
The CVE-2014-3741 issue affects the node-printer package (printDirect in lib/printer.js) for Node.js
Printer Status changes to "Access denied, unable to connect" after logging out and back in
Network printers that are added from a Citrix Universal Print Server go into an "Access denied, unable to connect" status after a Citrix profile managed user logs off and logs back in...
Samba: Server memory information leak over SMB1
An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker...
BSA-2017-440
Security Advisory ID: BSA-2017-440. Component: Samba. Revision: 2.0: Interim. An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the...
Brother DCP-J132W Denial of Service Vulnerability
Brother DCP-J132W is a printer introduced by Brother. A denial of service vulnerability exists in the httpd embedded in the Brother DCP-J132W, which allows a remote attacker to cause the printer to hang, disrupting its network connection, by sending a large number of HTTP packets...