Security Incidents mailing list archives
RE: Nimda affecting HP LaserJet / JetDirect devices?
From: auto241065 () hushmail com
Date: Fri, 21 Sep 2001 18:02:35 -0700
You guys are pulling my leg right? How the heck does it infect a printer? I was under the impression that codered and Nimda "infected" windows operating systems. I've heard the volume of traffic created could DOS devices like printers that used HTTP for management. I thought the original poster was either joking or the victim of a practical joke, but after a second post I must be the butt of the joke. ----- Original Message -----
From: Richard.Grant () mail state ky us To: shaffer () labs agilent com, incidents () securityfocus com Subject: RE: Nimda affecting HP LaserJet / JetDirect devices? Date: Fri, 21 Sep 2001 15:42:07 -0400 We have no less than 20 Lexmark printers that were infected. In every case they did not have up-to-date firmware. This started with Code Red and has continued with Nimda. There are some notible differences though, Code Red just started the printers sending out large quantities of packets. The Nimda infected machines are searching for Web servers. In both cases upgrading the firmware and restarting the printer has solved the problem. So far we have not had any of our HP's infected by Nimda as they were by Code Red. This is what we have found.. -----Original Message----- From: Michael W. Shaffer [mailto:shaffer () labs agilent com] Sent: Friday, September 21, 2001 1:36 PM Subject: Nimda affecting HP LaserJet / JetDirect devices? We are starting to get reports here from various users around our site that our HP network printers are displaying strange messages such as 'Good Morning', 'Nimda Live', and 'Kill Trees'. Has anyone else noticed this behavior? Any information on what vulnerability is being exploited here or whether this is the same Nimda agent as that propagating across Windows platforms would be greatly appreciated.
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Nimda affecting HP LaserJet / JetDirect devices? Michael W. Shaffer (Sep 21)
- Re: Nimda affecting HP LaserJet / JetDirect devices? Michael W. Shaffer (Sep 21)
- Re: Nimda affecting HP LaserJet / JetDirect devices? Florian Weimer (Sep 21)
- <Possible follow-ups>
- RE: Nimda affecting HP LaserJet / JetDirect devices? Richard . Grant (Sep 21)
- RE: Nimda affecting HP LaserJet / JetDirect devices? Nick FitzGerald (Sep 23)
- RE: Nimda affecting HP LaserJet / JetDirect devices? auto241065 (Sep 22)
- Re: Nimda affecting HP LaserJet / JetDirect devices? Trey Valenta (Sep 22)
- Re: Nimda affecting HP LaserJet / JetDirect devices? johan . augustsson (Sep 24)
- Re: Nimda affecting HP LaserJet / JetDirect devices? Trey Valenta (Sep 22)