Ответ: Security of PCL and PostScript

["Gleb Paharenko" <gpaharenko () gmail com>]

Hi.

> From my experience, there were cases where printer or print server has
hanged with a complex
document, and there fore need to be restarted. Perhaps, theoretically
you can exploit this not only for DOS. However I do not have
information about public exploits.


2008/5/13, Paul Johnston <paj () pajhome org uk>:
> Hi,
>
> I've been told a few times PCL and PostScript are fully functional
> stack-based languages. Had anyone successfully compromised a printer, by
> submitting a job that contains malicious PCl or PostScript? I'd be
> particularly interested to know if this is an inherent weakness with the
> languages, or a specific vulnerability that has existed in some versions of
> printer firmware, but been patched since.
>
> Regards,
>
> Paul


-- 
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com