Vulnerability Development mailing list archives
Re: JetDirect Card DoS exploit?
From: Ron DuFresne <dufresne () WINTERNET COM>
Date: Thu, 5 Oct 2000 09:58:07 -0500
Bill, Jetdirect cards have long been known to be able to be DOS'ed with various namp scans, old sping and a few other 'exploits'. A search of the bugtraq archive should provide quite a list of possible ways to drop the printers out till they are recycled. Thanks, Ron Dufresne On Wed, 4 Oct 2000, Bill Hayes wrote:
On Monday, we saw all of the HP JetDirect-equipped printers go belly up on one of our subnets. They would not respond to pings. We restarted them and all is going well. I think there might be two possiblities. First, someone could have written a DoS script that attacks HP JetDirect cards, possibly running against Telnet or SNMP. Secondly, an improperly configured box with either net discovery or scanning tools could have caused this problem. I have seen a Win2K Pro box take out a Xyplex terminal server by scanning port 23, so perhaps this could have happened. I've been unable to duplicate this latter possiblity with HP JetDirect cards. The seem to be fine before and after the scans from a Win2K Pro box. Is anyone aware of any other possiblities? Bill... William Hayes, Computer Specialist, Communications & Information Technology Network Security Consultant, Information Services Networking & Ops Center University of Nebraska Lincoln
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
Current thread:
- JetDirect Card DoS exploit? Bill Hayes (Oct 05)
- Re: JetDirect Card DoS exploit? Ryan W. Maple (Oct 05)
- Re: JetDirect Card DoS exploit? Ron DuFresne (Oct 05)
- <Possible follow-ups>
- Re: JetDirect Card DoS exploit? Begley, Mason (Oct 05)
- Re: JetDirect Card DoS exploit? Blair Strang (Oct 06)