Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Phenoelit Advisory, 0815 ++ /- Brother_NC

From: kim0 <kim0 () phenoelit de>
Date: Sat, 27 Jul 2002 12:03:10 +0200

--
           kim0   <kim0 () phenoelit de>
       Phenoelit (http://www.phenoelit.de)
90C0 969C EC71 01DC 36A0  FBEF 2D72 33C0 77FC CD42

Phenoelit Advisory <wir-haben-auch-mal-was-gefunden #0815 +-++>

[ Authors ]
        FX              <fx () phenoelit de>
        FtR             <ftr () phenoelit de>
        kim0            <kim0 () phenoelit de>  
        DasIch          <DasIch () phenoelit de>

        Phenoelit Group (http://www.phenoelit.de)
        Advisory        http://www.phenoelit.de/stuff/Brother_NC.txt

[ Affected Products ]
        Brother Corporation
                                NC-3100h

        Brother Bug ID:         Not assigned

[ Vendor communication ]
        06/29/02        Initial Notification
                        *Note-Initial notification by phenoelit
                        includes a cc to cert () cert org by default
        07/19/02        Notification of intent to post public
                        in apx. 7 days.


[ Overview ]
        The Brother NC-3100h provides network connectivity for Brother 
        printers (much in the same way as the HP JetDirect card). 
        
[ Description ]
        By sending an oversized administrative password using the web-interface, 
        an attacker can cause the printer to crash.

[ Example ]
        Enter a password for the administrator that is 136 characters or more 
        and <click> the button. The printer will crash.

[ Solution ]
        None known at this time. 

[ end of file ]
Previous By Date Next
Previous By Thread Next

Current thread: