Considering what the supplier has implemented so far, I'm guessing its
bad and then some.
Thanks all for the heads up.
On 4 Nov 2009, at 13:10, Bob Patterson wrote:
You would be correct sir.
From: Bradley McMahon
Sent: Tuesday, November 03, 2009 7:42 AM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] HP9000 multifunction devices hooked into AD
I suggest preforming a port scan on one of the devices and see what
is running my guess is telnet is wide open with no password and SNMP
is enabled by default.
-Brad
On Tue, Nov 3, 2009 at 7:55 AM, k41zen <[email protected]> wrote:
So a client has purchased several HP9040 multifunction devices (MFP)
to allow them to use the scanning feature so that they can scan a doc
and have it email the result to them.
From the limited documentation provided, several areas of interest
jump out such as:
Securely stores usernames and email addresses with an LDAP
sync from AD
Authenticates the user to AD at the printer panel
Scan a document and have it automatically emailed to you
Scan a document and have it automatically saved to your home
drive
I get to play with this later this week but wondered if someone has
already looked into what fun can be had with these devices.
Grateful for any info.
Regards,
k41zen
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
