Information Security News mailing list archives
Samsung to issue firmware fix for printer security flaw on Friday
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 30 Nov 2012 12:33:12 -0600 (CST)
http://www.computerworld.com/s/article/9234118/Samsung_to_issue_firmware_fix_for_printer_security_flaw_on_Friday By John Ribeiro IDG News Service November 29, 2012Samsung Electronics will close a security hole in the firmware of some of its printers by issuing an update on Friday, and said they could be protected by disabling SNMP.
The affected printers have a backdoor administrator account hard-coded in their firmware that does not require authentication and can be accessed over the Simple Network Management Protocol (SNMP) interface, the U.S. Computer Emergency Readiness Team (US-CERT) said earlier this week in an advisory.
The affected Samsung printers, and some Dell printers made by Samsung, contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility, US-CERT said.
SNMP is an Internet protocol commonly used to monitor and read statistics from network-attached devices.
[...] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More!http://www.shopinfosecnews.org
Current thread:
- Samsung to issue firmware fix for printer security flaw on Friday InfoSec News (Nov 30)