PT-2017-3135 · Pharos · Pharos Popup Printer Client

Name of the Vulnerable Software and Affected Versions: Pharos PopUp printer client version 9.0 Description: A buffer overflow exists in the psnotifyd application, allowing a specially crafted packet to cause a heap-based buffer overflow. This can result in potential remote code execution. The...

HP Printer Improper Access Control

HP Printers Wi-Fi Direct Improper Access Control -------------------------------------------------------------------------------- 1. Advisory Information Title: HP Printers Wi-Fi Improper Access Control Advisory ID: NESESO-2017-0111 Advisory URL: http://neseso.com/advisories/NESESO-2017-0111.pdf...

CUPS Remote Code Execution

!/usr/bin/python Exploit Title: CUPS Reference Count Over Decrement Remote Code Execution Google Dork: n/a Date: 2/2/17 Exploit Author: @0x00string Vendor Homepage: cups.org Software Link: https://github.com/apple/cups/releases/tag/release-2.0.2 Version: \n" " -h, --help: Show this message\n" " -...

Printer Exploitation Toolkit: PRET

Printer Exploitation Toolkit PRET is a new tool for printer security testing developed in the scope of a Master’s Thesis at Ruhr University Bochum. PRET connects to a device via network or USB and exploits the features of a given printer language. Currently PostScript , PJL and PCL are supported...

CVE-2016-10079

SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability service crash with a long string to TCP port 515...

Flaws Found in Popular Printer Models

Vulnerabilities in popular printer models made by HP, Dell and Lexmark expose the devices to attackers who can steal passwords, shut down printers and even steal print jobs. Academic researchers at the University Alliance Ruhr on Monday published a series of advisories and an informational wiki...

Hacking Printers Advisory 1

TL;DR: In the scope of academic research on printer security, various vulnerabilities in network printers and MFPs have been discovered. This is advisory 1 of 6 of the Hacking Printers' series. Each advisory discusses multiple issues of the same category. This post is about manipulating and...

Hacking Printers Advisory 2

TL;DR: In the scope of academic research on printer security, various vulnerabilities in network printers and MFPs have been discovered. This is advisory 2 of 6 of the Hacking Printers' series. Each advisory discusses multiple issues of the same category. This post is about accessing a printers...

WinAxePlus-8.7

WinAxe server is prone to a remote buffer overflow that could allow a malicious suer to execute arbitrary code in the context of the affected application. The exploit has been tested in Windows platforms and currently there is no fix or patch available for this program. Exploit Title: WinaXe Plus...

[SECURITY] Fedora 24 Update: boomaga-0.8.0-6.git97f52c1.fc24

Boomaga BOOklet MAnager is a virtual printer for viewing a document before printing it out using the physical printer. The program is very simple to work with. Running any program, click "print" and select "Boomaga" to see in several seconds CUPS takes some time to respond the Boomaga window open...

Some printer settings are not restored correctly when you use Printbrm.exe in Windows Server 2012 R2

Some printer settings are not restored correctly when you use Printbrm.exe in Windows Server 2012 R2 This article describes an issue that occurs when you use the Printbrm.exe tool on a print server that's running Windows Server 2012 R2. You can fix this issue by using the update in this article...

[SECURITY] Fedora 23 Update: ghostscript-9.20-5.fc23

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...

[SECURITY] Fedora 25 Update: ghostscript-9.20-4.fc25

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...

[SECURITY] Fedora 23 Update: ghostscript-9.20-2.fc23

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...

Printer Daemon Detection

Binary data 9663.prm...

Citrix Print Manager Service or Microsoft Print Spooler Service Crashes or Hangs

The Citrix Print Manager service cpsvc.exe or Microsoft Print Spooler service spoolsv.exe crashes or hangs. Printers are not auto-created, the default printer is not set correctly in the session, print jobs fail to spool, and so on...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system’s print queue dispatcher is related to security configuration errors. Exploiting this vulnerability allows a perpetrator performing a “man-in-the-middle” attack to execute arbitrary code using a specially crafted print driver during printer...

On Pokemon and Privacy, Riffle, the Fiat Chrysler Bug Bounty Program, and More

Mike Mimoso and Chris Brook discuss the news of the week, including privacy and Pokemon GO, a new MIT anonymity system, the Fiat Chrysler bug bounty program, and a patched printer spooler vulnerability. Download: ThreatpostNewsWrapJuly152016.mp3 Music by Chris Gonsalves...

PHP 7.0.0 Double Free Vulnerability (Jul 2016) - Windows

PHP is prone to a double free vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

Have a printer with a network-vulnerability warning-the black bar safety net

Description Printer for the IOT world provides an interesting case,because unlike most IOT devices compared to their very powerful hardware,but usually not by the administrator is considered to be a“real”computer. Over the years,many security researchers and reported in the printer of the...