Bugtraq mailing list archives
RE: IBM Infoprint Remote Management Simple DoS (update)
From: "Toni Lassila" <toni.lassila () mc-europe com>
Date: Thu, 31 Oct 2002 12:16:17 +0200
UPDATE: It appears this vulnerability has been rectified in later versions of the printer controller software. As it stands, printers installed with the controller software above a certain version are NOT vulnerable, and it appears the latest Infoprint series printers are indeed not vulnerable. Thanks to Fredrik Björk <Fredrik.Bjork.List () varbergenergi se> and Onyx Thanes <wewe () personal ro> for information relating to non-vulnerable versions: Confirmed vulnerable: IBM Infoprint 21 - Controller Code Level: 1.047012 Confirmed NOT vulnerable: IBM Infoprint 21 - Controller Code Level: 1.056007 Any newer Infoprint models As to when IBM started releasing the printers with the non-vulnerable software installed, well, you'd have to ask IBM for that.
-----Original Message----- From: Toni Lassila Sent: Friday, October 25, 2002 12:19 To: bugtraq () securityfocus com Subject: IBM Infoprint Remote Management Simple DoS Overview ======== IBM makes a series of TCP/IP enabled printers that come with remote management features: <http://www.printers.ibm.com/R5PSC.NSF/Web/wglaserselect> One of these features is a Telnet-based remote management service, which has a DoS vulnerability. The vulnerability discussed here was tested on an IBM Infoprint 21 (older model), but is probably present in other printers of the same product line.
Current thread:
- RE: IBM Infoprint Remote Management Simple DoS (update) Toni Lassila (Oct 31)