[Full-disclosure] Remote DOS HP JetDirect Print Servers

2007-03-28T00:00:00
ID SECURITYVULNS:DOC:16500
Type securityvulns
Reporter Securityvulns
Modified 2007-03-28T00:00:00

Description

Vulnerability : Remote DOS HP JetDirect Print Servers
Product : HP JetDirect Print Servers "HP LaserJet Series"
By: Handrix <handrix_at_morx_org>
26 March 2007
MorX security research team
www.morx.org

+-------------+
| Description :-------------------------------------------------------------------------------
+-------------+
|
| HP JetDirect print servers allow you to connect printers and other
| devices directly to a network.
|
| Such devices provide a variety of embedded online services, such as ftp,
| snmp, web server, tftp ... and other daemons.
|
| However, over a passive connection to the printer's ftp server, sending a RERT command
| with a large amount of data (271 to 277 characters) as the pathname takes the ftp server down,
| which causes the engine to crash.
+---------------------------------------------------------------------------------------------

+---------+
| Example :-----------------------------------------------------------------------------------
+---------+
|
| % python /usr/lib/python2.4/ftplib.py -d [vulnerable host] -l -p `python -c 'print "A"*300'`
+----------------------------------------------------------------------------------------------

+--------------------+
| Version vulnerable :-----------------------------------------------------------------------
+--------------------+
|
| Hewlett-Packard FTP Print Server Version 2.4 and prior
+---------------------------------------------------------------------------------------------

+----------+
| Solution :---------------------------------------------------------------------------------
+----------+
|
| Upgrade your drivers for your printers.
| By consulting the web page : http://www.hp.com/support/net_printing
+---------------------------------------------------------------------------------------------
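
A defensive check built on the two facts in this advisory (the affected version and the pathname length), added here as an example and not part of the original advisory: it flags FTP banners at or below Version 2.4 and logged FTP command lines whose argument is 271 characters or longer. The banner wording, the log layout and the sample lines are assumptions constructed for the example.

```python
import re

PATHNAME_LIMIT = 271        # lower bound of the length range given in the advisory
LAST_VULNERABLE = (2, 4)    # "Version 2.4 and prior"
# Assumption: the banner carries the product string quoted in the advisory.
BANNER_RE = re.compile(r"FTP Print Server Version (\d+)\.(\d+)", re.IGNORECASE)
# Assumed log layout: "<timestamp> <client> <FTP command line>"
LOG_RE = re.compile(r"^(\S+)\s+(\S+)\s+([A-Za-z]{3,4})(?: (.*))?$")


def banner_is_vulnerable(banner):
    """True/False when a version is found, None when the banner has none."""
    m = BANNER_RE.search(banner)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2))) <= LAST_VULNERABLE


def oversized_commands(log_lines):
    """Return (client, verb, arg_length) for each command with a long argument."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line.rstrip("\r\n"))
        if not m:
            continue  # not a command line in the assumed layout
        _, client, verb, arg = m.groups()
        # Match on argument length only, so any verb (valid or not) is covered.
        if arg is not None and len(arg) >= PATHNAME_LIMIT:
            hits.append((client, verb.upper(), len(arg)))
    return hits


# Constructed sample data (not captured from a real device or network).
SAMPLE_LOG = [
    "2007-03-26T10:00:01 192.0.2.10 LIST",
    "2007-03-26T10:00:02 192.0.2.10 RETR report.ps",
    "2007-03-26T10:00:09 192.0.2.77 RETR " + "A" * 300,
    "2007-03-26T10:00:12 192.0.2.10 QUIT",
]

if __name__ == "__main__":
    print(banner_is_vulnerable("220 Hewlett-Packard FTP Print Server Version 2.4"))
    for hit in oversized_commands(SAMPLE_LOG):
        print("oversized argument from %s: %s len=%d" % hit)
```

Print servers that need no FTP printing can also have the service disabled or filtered at the network edge, which removes the exposure regardless of firmware version.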