Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: JetDirect Card DoS exploit?

From: "Ryan W. Maple" <ryan () GUARDIANDIGITAL COM>
Date: Thu, 5 Oct 2000 10:32:39 -0400
I'm no expert but I've seen stuff on JetDirect vulnerabilities in the
past.  I went to packetstorm (packetstorm.securify.com) and did a search
on "JetDirect" and items such as the following were returned:

hp-jetdirect-DoS.txt
  http://packetstorm.securify.com/new-exploits/hp-jetdirect-DoS.txt

jetdirect.crash.txt
  http://packetstorm.securify.com/9911-exploits/jetdirect.crash.txt

Everything here is from circia 1998 so things may have changed since then.
I do not use any JetDirect printers so I have no idea.  Hope this helps.

                                          /"\
Ryan W. Maple                             \ /     ASCII Ribbon Campaign
Guardian Digital, Inc.                     X      Against HTML & Outlook Mail
ryan () guardiandigital com                  / \     http://www.thebackrow.net


On Wed, 4 Oct 2000, Bill Hayes wrote:


On Monday,  we saw all of the HP JetDirect-equipped printers go belly up on
one of our subnets.  They would not respond to pings.  We restarted them
and all is going well. I think there might be two possiblities.

First,  someone could have written a DoS script that attacks HP JetDirect
cards, possibly running against Telnet or SNMP. Secondly,  an improperly
configured box with either net discovery or scanning tools could have
caused this problem.

I have seen a Win2K Pro box take out a Xyplex terminal server by scanning
port 23, so perhaps this could have happened. I've been unable to duplicate
this latter possiblity with HP JetDirect cards. The seem to be fine before
and after the scans from a Win2K Pro box.

Is anyone aware of any other possiblities?
Previous By Date Next
Previous By Thread Next

Current thread: