Vulnerability Development mailing list archives
Re: HP LaserJet 4 Series Jet Direct
From: BlueBoar () THIEVCO COM (Blue Boar)
Date: Sun, 18 Jun 2000 20:21:07 -0700
Ryan Yagatich wrote:
I'm not sure if this can be considered a "vulnerability" but in my eyes it is. With the HP LaserJet 4 series Jet direct card you can telnet to port 9099 on the printer's IP address and type any text and on disconnect the page will be printed. If someone writes a piece of software that is like a dictionary generator and pushes it to this port, and then kills the connection later, it is possible to DOS your print services. why? well no paper/toner so you have no service.
Ok, so I can print to the printer..
Workaround: use a paralell connection between your printer and computer, and share it via Windows 9x printer sharing, or via Samba. Plus, this way you don't have to forfeit an IP address.
..And then, I can print to the printer?
Questions/Comments: please comment as much as possible on this topic. Ryan Yagatich
Not really seeing how the second choice keeps me from using as much toner and paper. There have been some really interesting attacks against HP's JetDirect cards in the past though... keep looking. BB
Current thread:
- Re: N2H2 Web Proxy/Filter appliance, (continued)
- Re: N2H2 Web Proxy/Filter appliance Mark (Jun 17)
- Re: N2H2 Web Proxy/Filter appliance Crispin Cowan (Jun 16)
- Re: Firewalls and stuff (Was about N2H2) Mark (Jun 17)
- Re: Firewalls and stuff (Was about N2H2) Crispin Cowan (Jun 17)
- (no subject) Bluefish (Jun 18)
- Re: N2H2 Web Proxy/Filter appliance Mark (Jun 17)
- Re: N2H2 Web Proxy/Filter appliance Eric Wanner (Jun 17)
- Re: N2H2 Web Proxy/Filter appliance Crispin Cowan (Jun 17)
- Re: N2H2 Web Proxy/Filter appliance Blue Boar (Jun 17)
- Re: N2H2 Web Proxy/Filter appliance Bluefish (Jun 18)
- HP LaserJet 4 Series Jet Direct Ryan Yagatich (Jun 18)
- Re: HP LaserJet 4 Series Jet Direct Blue Boar (Jun 18)
- Re: HP LaserJet 4 Series Jet Direct (and others) Joel Michael (Jun 18)
- Re: HP LaserJet 4 Series Jet Direct (and others) Blue Boar (Jun 18)
- Re: HP LaserJet 4 Series Jet Direct Steven Duckworth (Jun 19)
- omni backup program Antonomasia (Jun 19)
- Re: HP LaserJet 4 Series Jet Direct Felix von Leitner (Jun 21)
- [Fwd: Exploit code for PalmOS] Blue Boar (Jun 17)
- Re: N2H2 Web Proxy/Filter appliance Max Vision (Jun 18)