
HP LaserJet network ptrs vulns/updates



#1 AplusWebMaster


Posted 17 November 2010 - 08:28 AM

FYI...

HP LaserJet Printers PJL Directory Traversal vuln
- http://secunia.com/advisories/42238/
Release Date: 2010-11-16
Solution Status: Vendor Workaround ...
... The vulnerability is reported in the following products:
• HP LaserJet MFP printers (all models with Printer Job Language (PJL) support).
• HP Color LaserJet MFP printers (all models with Printer Job Language (PJL) support).
• HP LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 series...
Solution: Apply the workaround (please see the vendor's advisory for details).
Original Advisory: HPSBPI02575 SSRT090255...

- http://web.nvd.nist....d=CVE-2010-4107
Last revised: 11/19/2010
CVSS v2 Base Score: 7.8 (HIGH)

- http://www.securityt....com/id?1024741
Nov 16 2010
- http://h20000.www2.h...ectID=c02004333
Last Updated: 2010-11-15
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Potential Security Impact: Remote unauthorized access to files ...
"... Files within the printer can be accessed using the Printer Job Language (PJL) interface to exploit a directory traversal vulnerability. The vulnerability can be avoided by either one of the following actions:
• disable file system access via the PJL interface
• set a PJL password ..."

:!:

Edited by AplusWebMaster, 20 November 2010 - 01:29 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#2 AplusWebMaster


Posted 30 November 2011 - 06:58 AM

FYI...

- http://h20000.www2.h...ectID=c03102449
Last Updated: 2011-12-23 Version: 2 (rev.2)
23 December 2011 Code signing firmware available
___

HP LaserJet printers - firmware access vuln
- http://www.securityt....com/id/1026357
CVE Reference: CVE-2011-4161
Updated: Dec 1 2011
Impact: Execution of arbitrary code via network, Root access via network
Vendor Confirmed: Yes
Description: A vulnerability was reported in some HP LaserJet Printers. A remote user can update the firmware with arbitrary code. A remote user can send a specially crafted print job or specially crafted data to TCP port 9100 on the target printer to trigger an unspecified flaw and cause the printer to upgrade its firmware with arbitrary code. Some printers do not check digital signatures on firmware upgrades...
The original advisory is available at:
http://redtape.msnbc...researchers-say
Impact: A remote user can upgrade the printer's firmware with arbitrary code.
Solution: ... The vendor recommends disabling the 'Printer Firmware Update' feature as described at:
http://h71028.www7.h...P-Imaging10.pdf
The vendor's advisory is available at:
http://h20565.www2.h...mr_na-c03102449
Last Updated: 2011-11-30

- http://web.nvd.nist....d=CVE-2011-4161
Last revised: 12/02/2011
CVSS v2 Base Score: 10.0 (HIGH)

- https://secunia.com/advisories/47063/
Release Date: 2011-12-01
Criticality level: Moderately critical
Impact: Security Bypass ...

- https://isc.sans.edu...l?storyid=12112
Last Updated: 2011-11-29 16:22:00 UTC

- http://h-online.com/-1387374
30 November 2011
___

- http://www.hp.com/hp...11/111129b.html
Nov. 29, 2011 - "... Today there has been sensational and inaccurate reporting regarding a potential security vulnerability with some HP LaserJet printers. No customer has reported unauthorized access. Speculation regarding potential for devices to catch fire due to a firmware change is false. HP LaserJet printers have a hardware element called a “thermal breaker” that is designed to prevent the fuser from overheating or causing a fire. It cannot be overcome by a firmware change or this proposed vulnerability. While HP has identified a potential security vulnerability with some HP LaserJet printers, no customer has reported unauthorized access. The specific vulnerability exists for some HP LaserJet devices if placed on a public internet without a firewall. In a private network, some printers may be vulnerable if a malicious effort is made to modify the firmware of the device by a trusted party on the network. In some Linux or Mac environments, it may be possible for a specially formatted corrupt print job to trigger a firmware upgrade.
HP is building a firmware upgrade to mitigate this issue and will be communicating this proactively to customers and partners who may be impacted. In the meantime, HP reiterates its recommendation to follow best practices for securing devices by placing printers behind a firewall and, where possible, disabling remote firmware upload on exposed printers..."

:blink: :ph34r:

Edited by AplusWebMaster, 02 January 2012 - 09:45 AM.



#3 AplusWebMaster


Posted 09 January 2012 - 03:31 PM

FYI...

HP LJ P3015 vuln - firmware update available
- http://www.securityt....com/id/1026488
CVE Reference: CVE-2011-4785
Date: Jan 9 2012
Impact: Disclosure of system information, Disclosure of user information
Version: LaserJet P3015; firmware prior to 07.080.3 ...
Impact: A remote user can view files on the target system.
Solution: The vendor has issued a fix (HP LaserJet P3015; firmware 07.080.3).
The vendor's advisory is available at:
http://h20566.www2.h...mr_na-c03140700

Download:
> http://preview.tinyurl.com/7zn3bmg

- https://secunia.com/advisories/47457/
Release Date: 2012-01-09
Impact: Security Bypass
Where: From local network
Solution: Update to version 07.080.3.
Original Advisory: HPSBPI02733 SSRT100646:
http://h20565.www2.h...mr_na-c03140700
CVE-2011-4785
... HP LaserJet P3015 with firmware prior to 07.080.3...

:!: :ph34r:

Edited by AplusWebMaster, 16 January 2012 - 11:33 AM.





