Printer Vulnerabilities (Tektronix and JetDirect)

Elias Levy Tue, 23 Nov 1999 09:28:31 -0800

I am summarizing a number of replies to the printer vulnerability
threads.

Tektronix:

Vulnerable:

Phaser 360 - Wyman Eric Miles <[EMAIL PROTECTED]>
Phaser 840 - HC Security <[EMAIL PROTECTED]>
Phaser 780 - "Tim Adams" <[EMAIL PROTECTED]>

Not Vulnerable:

Phaser 360 - HC Security <[EMAIL PROTECTED]>


HP JetDirect overflow:

Not Vulnerable:

Firmware Revision G.07.17 - Jens Hektor <[EMAIL PROTECTED]>

Vulnerable:

JetDirect 300x print server J3263A firmware H.06.00 - olivier Schott 
<[EMAIL PROTECTED]>

To disable port 80 use the command:

ews-config: 0

>From David Foster <[EMAIL PROTECTED]>:

If you are using bootp/tftp to configure your printers, you can specify an      
allowed IP range in /tftpboot/<printer-name>.cfg, like:

        xxx.yyy.zzz.0  255.255.255.0


--
Elias Levy
Security Focus
http://www.securityfocus.com/

Printer Vulnerabilities (Tektronix and JetDirect)

Reply via email to