Security Incidents mailing list archives
RE: Jetdirect card Attack???
From: "fuzzz" <fuzzz () charter net>
Date: Thu, 19 Jul 2001 22:27:43 -0500
-----Original Message----- From: fuzzz [mailto:fuzzz () charter net] Sent: Thursday, July 19, 2001 8:52 PM To: Subject: RE: .ida Intrusion Attempt confirmed. ida/red worm it is hitting our jet directs printing pages with the www.worm.com on them... rule 27 don't leave jet directs open to the outside world they have web(80) ftp and telnet open on them. HP has a new firmware that locks this down. I have heard of some Cisco devices misbehaving with older versions as well fuzz -----Original Message----- From: Ryan Russell [mailto:ryan () securityfocus com] Sent: Thursday, July 19, 2001 7:31 PM To: James Edwards Cc: sdsu-cert () lists sdsu edu; incidents () securityfocus com Subject: Re: Jetdirect card Attack??? Would all of the printers happen to be running a built-in web server? Ryan On Thu, 19 Jul 2001, James Edwards wrote:
Yesterday, one of the printers here in ITS began printing a Jetdirect Diagnostic Page showing a S/W Exception 00fb and a core dump ("Registers", "Stack", and "Register Pointer Memory Dump" in Hex). I changed the slot, and the error followed (from EIO1 to EIO2), therefore I guessed that the card was bad. Today another printer began to share the same symptoms. I have a hard time believing that two cards would go bad at the same time Has anyone else noted this phenomenon?? Could it be a different type of printer attack than the port 515 attacks??
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Jetdirect card Attack??? James Edwards (Jul 19)
- Re: Jetdirect card Attack???--Followup James Edwards (Jul 19)
- Re: Jetdirect card Attack???--Followup kawaii (Jul 20)
- Re: Jetdirect card Attack??? Ryan Russell (Jul 19)
- RE: Jetdirect card Attack??? fuzzz (Jul 19)
- Jetdirect card Attack???-Final from original poster James Edwards (Jul 20)
- Re: Jetdirect card Attack???-Final from original poster Gary Flynn (Jul 21)
- RE: Jetdirect card Attack??? fuzzz (Jul 19)
- Re: Jetdirect card Attack???--Followup James Edwards (Jul 19)
- Re: Jetdirect card Attack??? Brendan Murphy (Jul 19)
- Re: Jetdirect card Attack??? Gary Flynn (Jul 19)
- <Possible follow-ups>
- Re: Jetdirect card Attack??? Bojan Zdravkovic (Jul 19)