5 matches found
CVE-2001-1039
The CVE describes a vulnerability in the JetAdmin web interface for HP JetDirect where the telnet interface password is not set after the admin password is changed. This allows remote attackers to gain access to the printer over the network (attack vector: network, low complexity). The available ...
CVE-2000-0443
The CVE-2000-0443 entry concerns the HP Web JetAdmin 5.6 web interface server, which is vulnerable to a directory traversal (.. attack) allowing remote attackers to read arbitrary files. The core issue is a failure to sanitize path inputs in the web interface, enabling access to files outside the...
CVE-1999-1433
HP JetAdmin D.01.09 on Solaris is affected by a local privilege escalation via a symlink attack on /tmp/jetadmin.log, allowing a local user to change file permissions. The root cause is a race/symlink vulnerability in the handling of the log file, enabling arbitrary file permission changes. Publi...
CVE-2001-1040
CVE-2001-1040 affects HP LaserJet and possibly other JetDirect devices, where certain power-off behavior resets the admin password. The result is that a remote attacker could gain administrative access without a password after the device is turned off, per the available description. The provided ...
CVE-2000-0444
HP Web JetAdmin 6.0 is affected. The vulnerability is a remote denial-of-service caused by a malformed URL targeting port 8000. Root cause described as malformed URL handling; no additional exploit details or affected versions beyond the 6.0 release are provided in the documents. No remediation o...