Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware R.25.15 or R.25.47, and HP LaserJet 5100 Series printers with firmware V.29.12, allow remote attackers to cause a denial of service (device crash) via a long string in the (1) LIST or (2) NLST command.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ftp_print_server | Hp | 2.4 (including) | 2.4 (including) |
| Ftp_print_server | Hp | 2.4.5 (including) | 2.4.5 (including) |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051367.html
- http://secunia.com/advisories/23396
- http://securityreason.com/securityalert/2074
- http://www.securityfocus.com/archive/1/454817/100/0/threaded
- http://www.vupen.com/english/advisories/2006/5081
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051367.html
- http://secunia.com/advisories/23396
- http://securityreason.com/securityalert/2074
- http://www.securityfocus.com/archive/1/454817/100/0/threaded
- http://www.vupen.com/english/advisories/2006/5081