Vulnerability Development mailing list archives
Re: JetDirect Card DoS exploit?
From: "Ryan W. Maple" <ryan () GUARDIANDIGITAL COM>
Date: Thu, 5 Oct 2000 10:32:39 -0400
I'm no expert but I've seen stuff on JetDirect vulnerabilities in the past. I went to packetstorm (packetstorm.securify.com) and did a search on "JetDirect" and items such as the following were returned: hp-jetdirect-DoS.txt http://packetstorm.securify.com/new-exploits/hp-jetdirect-DoS.txt jetdirect.crash.txt http://packetstorm.securify.com/9911-exploits/jetdirect.crash.txt Everything here is from circia 1998 so things may have changed since then. I do not use any JetDirect printers so I have no idea. Hope this helps. /"\ Ryan W. Maple \ / ASCII Ribbon Campaign Guardian Digital, Inc. X Against HTML & Outlook Mail ryan () guardiandigital com / \ http://www.thebackrow.net On Wed, 4 Oct 2000, Bill Hayes wrote:
On Monday, we saw all of the HP JetDirect-equipped printers go belly up on one of our subnets. They would not respond to pings. We restarted them and all is going well. I think there might be two possiblities. First, someone could have written a DoS script that attacks HP JetDirect cards, possibly running against Telnet or SNMP. Secondly, an improperly configured box with either net discovery or scanning tools could have caused this problem. I have seen a Win2K Pro box take out a Xyplex terminal server by scanning port 23, so perhaps this could have happened. I've been unable to duplicate this latter possiblity with HP JetDirect cards. The seem to be fine before and after the scans from a Win2K Pro box. Is anyone aware of any other possiblities?
Current thread:
- JetDirect Card DoS exploit? Bill Hayes (Oct 05)
- Re: JetDirect Card DoS exploit? Ryan W. Maple (Oct 05)
- Re: JetDirect Card DoS exploit? Ron DuFresne (Oct 05)
- <Possible follow-ups>
- Re: JetDirect Card DoS exploit? Begley, Mason (Oct 05)
- Re: JetDirect Card DoS exploit? Blair Strang (Oct 06)