Vulnerability Development mailing list archives

Re: HP LaserJet 4 Series Jet Direct (and others)


From: BlueBoar () THIEVCO COM (Blue Boar)
Date: Sun, 18 Jun 2000 21:31:19 -0700


Joel Michael wrote:

I would consider this a DOS, because, as you said, it can easily run out
of toner/paper.  Another potential problem is if someone pushes
something offensive down to the printer, and just leaves it for the next
person to pick up.


OK, I didn't mean to imply with my smart-ass answer that this isn't a
problem... just that it's not the problem originally stated in the first
post.  (i.e. the problem, as stated by Joel, is that people can
get to your printer AT ALL.  It doesn't matter if they get there via
netcat or Windows printer sharing.)

I like the printing offensive things... that's a cute one.

Along the lines of stuff I am curious about.... Postscript.. as it lives
in printers...  One attack I thought up years ago and did nothing with:
Postscript printers (at least the Laser Writers) had a password feature.
If no password was set, anyone could set one.  Then the printer wouldn't
accept any jobs without the password.  You then couldn't take the password
off without the password (or opening the printer case...)

I've seen lots of cool Postscript programming examples by that secret
money-making tinaja quest... Don Lancaster?  Anyway, I'd been curious, and
never followed up on whether or not the Postscript interpreter had access
to the network stack.

Would it be possible to write a Postscript worm that went looking for
printers, propagated itself, and set passwords?

As to other printer fun.  Joel mentioned FTP built into the Kyocera
printers.  Who wants to bet that it would be vulnerable to the FTP
bounce attack?

                                        BB

