Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Samsung to issue firmware fix for printer security flaw on Friday

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 30 Nov 2012 12:33:12 -0600 (CST)
http://www.computerworld.com/s/article/9234118/Samsung_to_issue_firmware_fix_for_printer_security_flaw_on_Friday

By John Ribeiro
IDG News Service
November 29, 2012
Samsung Electronics will close a security hole in the firmware of some of its printers by issuing an update on Friday, and said they could be protected by disabling SNMP.
The affected printers have a backdoor administrator account hard-coded in their firmware that does not require authentication and can be accessed over the Simple Network Management Protocol (SNMP) interface, the U.S. Computer Emergency Readiness Team (US-CERT) said earlier this week in an advisory.
The affected Samsung printers, and some Dell printers made by Samsung, contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility, US-CERT said.
SNMP is an Internet protocol commonly used to monitor and read statistics from network-attached devices. 

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org
Previous By Date Next
Previous By Thread Next

Current thread: