Bugtraq mailing list archives

Re: Tektronix PhaserLink Webserver Reveals Admin Password


From: elfchief () LUPINE ORG (elfchief () LUPINE ORG)
Date: Thu, 18 Nov 1999 09:14:50 -0800


Here are a couple more problems with the Tektronix webserver services:

And one more: Even in absence of any sort of password- (or password hash-)
acquiring attack, it's still possible to use up all of someone's consumables
without a password at all -- No trickery required!

[Keep in mind that a toner set for a 780 is ~ $600]

The "configure settings" page (http://printer/button_config.html) has
a drop-down menu that allows you to print a number of different
pages (test pages, color samples, startup page). This menu, and the
functions it performs, do not require a password of any sort. Go to the
page, select "CMYK Sampler Prints", click the button, and sit back while
32 pages of toner and paper go away.

[I reported this to Tektronix more than 6 months ago, at the same time I
 reported a printer-crashing bug. They fell all over themselves to fix
 the crashing bug (with some of the best support I'd ever gotten ... good
 job!), but seemed truly uninterested in stopping random people from being
 able to consume one's toner.]

Me, I just firewall my damned printer.

                                                                        -WW
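
The firewall mitigation mentioned in the message above can be verified from a host that is not supposed to reach the printer. The following is an added example, not part of the original post: it requests the page named in the post without credentials and never submits the form. The function names, verdict labels and the default port 80 are assumptions.

```python
# Added example: confirm that a printer's unauthenticated config page is
# unreachable (or demands authentication) from this vantage point.
# It only issues a GET for the page; it never submits the print form.
import http.client
import sys

CONFIG_PATH = "/button_config.html"  # path quoted in the post


def classify(status):
    """Map the HTTP status returned for the config page to a verdict."""
    if status in (401, 403):
        return "auth-required"   # server asks for credentials or refuses
    if 200 <= status < 300:
        return "exposed"         # page served with no password at all
    return "inconclusive"        # redirect, 404 on other firmware, 5xx


def check_printer(host, port=80, timeout=3.0,
                  connect=http.client.HTTPConnection):
    """Return a verdict for one host. `connect` is injectable for testing."""
    conn = connect(host, port, timeout=timeout)
    try:
        conn.request("GET", CONFIG_PATH)
        return classify(conn.getresponse().status)
    except OSError:
        # Refused, unreachable or timed out: the packet filter is working.
        return "blocked"
    except http.client.HTTPException:
        return "inconclusive"    # something answered, but not valid HTTP
    finally:
        conn.close()


def audit(hosts, **kwargs):
    """Check several printers; returns {host: verdict}."""
    return {h: check_printer(h, **kwargs) for h in hosts}


if __name__ == "__main__":
    # Usage: python check_printers.py printer1 printer2 ...
    results = audit(sys.argv[1:])
    for host, verdict in results.items():
        print(f"{host}\t{verdict}")
    # Non-zero exit if any printer still serves the page unauthenticated.
    sys.exit(1 if "exposed" in results.values() else 0)
```

Run it from a network segment outside the firewall's allow list; any result other than "blocked" or "auth-required" means the rule needs another look.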

