Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

HP LaserJet 4 Series Jet Direct

From: ryagatich () CSN1 COM (Ryan Yagatich)
Date: Sun, 18 Jun 2000 22:58:42 -0400

Hello,

I'm not sure if this can be considered a "vulnerability" but in my eyes it is.

With the HP LaserJet 4 series Jet direct card you can telnet to port 9099 on the printer's IP address and type any text 
and on disconnect the page will be printed. If someone writes a piece of software that is like a dictionary generator 
and pushes it to this port, and then kills the connection later, it is possible to DOS your print services. why? well 
no paper/toner so you have no service.

Workaround: 

use a paralell connection between your printer and computer, and share it via Windows 9x printer sharing, or via Samba. 
Plus, this way you don't have to forfeit an IP address.

Questions/Comments:

please comment as much as possible on this topic.

Ryan Yagatich
Previous By Date Next
Previous By Thread Next

Current thread: