HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Jetdirect | Hp | j3111a_rev._a.08.06 (including) | j3111a_rev._a.08.06 (including) |
| Jetdirect | Hp | j3111a_rev._g.05.35 (including) | j3111a_rev._g.05.35 (including) |
| Jetdirect | Hp | j3111a_rev._g.07.02 (including) | j3111a_rev._g.07.02 (including) |
| Jetdirect | Hp | j3111a_rev._g.07.03 (including) | j3111a_rev._g.07.03 (including) |
| Jetdirect | Hp | j3111a_rev._g.07.17 (including) | j3111a_rev._g.07.17 (including) |
| Jetdirect | Hp | j3111a_rev._g.08.03 (including) | j3111a_rev._g.08.03 (including) |
| Jetdirect | Hp | x.08.00 (including) | x.08.00 (including) |
| Jetdirect | Hp | x.08.04 (including) | x.08.04 (including) |
| Jetdirect | Hp | x.08.05 (including) | x.08.05 (including) |
| Jetdirect | Hp | x.08.20 (including) | x.08.20 (including) |
| Jetdirect | Hp | x.08.32 (including) | x.08.32 (including) |
| Jetdirect | Hp | x.20.00 (including) | x.20.00 (including) |
| Jetdirect | Hp | x.21.00 (including) | x.21.00 (including) |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0345.html
- http://www.iss.net/security_center/static/9693.php
- http://www.kb.cert.org/vuls/id/377003
- http://www.securityfocus.com/bid/5331
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0345.html
- http://www.iss.net/security_center/static/9693.php
- http://www.kb.cert.org/vuls/id/377003
- http://www.securityfocus.com/bid/5331