Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
DOS:NETDEV:HP-LCD-MOD-9100 |
|---|---|
Severity |
Minor |
Recommended |
No |
Category |
DOS |
Keywords |
HP JetDirect LCD Modification (TCP/9100) |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
DOS: HP JetDirect LCD Modification (TCP/9100)
This signature detects attempts to exploit a vulnerability in the printer control language used in HP JetDirect printers. Attackers can send maliciously crafted packets to TCP/9100 to print arbitrary messages on HP printers with LCD panels.
Extended Description
Certain versions of HP JetDirect enabled printers provide a function (PJL command) that changes the LCD display on a printer over TCP/IP. Arbitrary strings can be sent to the LCD display by a remote user using this command. This represents more of a nuisance than a threat, although it is conceivable that the ability to modify the display could be used in some sort of "social engineering" scheme.
Affected Products
- Hp jetdirect rev. G.08.04
- Hp jetdirect rev. G.08.20
- Hp jetdirect rev. H.08.05
- Hp jetdirect rev. H.08.20
- Hp jetdirect x.08.04
- Hp jetdirect x.08.05
- Hp jetdirect x.08.20
- Hp jetdirect_j3111a rev. A.08.06
- Hp jetdirect_j3111a rev. G.05.35
- Hp jetdirect_j3111a rev. G.07.02
- Hp jetdirect_j3111a rev. G.07.03
- Hp jetdirect_j3111a rev. G.07.17
- Hp jetdirect_j3111a rev. G.08.03
References
- BugTraq: 2245
- CVE: CVE-1999-1062
- URL: http://www.securityfocus.com/advisories/526