HP
JetDirect J3111A Module Denial of Service Reported November 19, 1999 by Tobias Haustein
The HP JetDirect J3111A module with firmware G.05.35 suffers from a buffer overflow in it"s internal web server that can lead to a crash, and thus, a denial of service. DEMONSTRATION By entering the following URL in a Web browser, the printer prints a diagnostics page showing the contents of all registers and the following 64 bytes of all memory addresses that address registers point to. http://my-printer"s-IP/very-long-rubbish
(256 bytes or so) VENDOR RESPONSE Tobias did not notify HP of this problem, however, the vendor has been made aware through other channels.
Discovered by Tobias Haustein Posted here at NTSecurity.net on November 22, 1999 |
HP JetDirect Denial of Service - 19 Nov 1999
0 comments
Hide comments