
Title: HP Jetdirect multiple DoS
Released by: Vigilante
Date: 10th October 2000
HP Jetdirect multiple DoS



Advisory Code:   VIGILANTE-2000014



Release Date:    October 10, 2000



Systems Affected:
("x" means any valid firmware letter)
- Printers with HP JetDirect Firmware x.08.04
- Printers with HP JetDirect Firmware x.08.05
- Printers with HP JetDirect Firmware x.08.20
- Likely other versions as well



THE PROBLEMS

The firmware in the HP JetDirect card contains multiple vulnerabilities
whose effects range from the service crashing to the printer
initiating a firmware upgrade based on random garbage in memory.
In the latter case, power cycling won't fix the crash: restoring the
JetDirect card requires a new firmware burn, e.g. by HP.



The FTP service, the TELNET service and the LPD service all contain
buffer handling problems. Furthermore, the JetDirect IP implementation
contains a vulnerability that will cause the printer to crash if a
certain malformed packet is sent to it. This packet can be spoofed.



Vendor Status:

The vendor was contacted on the 25th of August and the vulnerabilities
were verified by them on the 7th of September.



Fix:

The new firmware versions can be retrieved using the following URL:

http://www.hp.com/cposupport/networking/software/allhpjd3.exe.html





Vendor URL:  http://www.hp.com
Product URL: http://www.pandi.hp.com/pandi-db/home_page.show



Copyright VIGILANTe 2000-08-25



Disclaimer:

The information within this document may change without notice. Use of
this information constitutes acceptance for use in an AS IS
condition. There are NO warranties with regard to this information.
In no event shall the author be liable for any consequences whatsoever
arising out of or in connection with the use or spread of this
information. Any use of this information lies within the user's
responsibility.



Feedback:

Please send suggestions, updates, and comments to:



VIGILANTe

mailto: isis@vigilante.com

http://www.vigilante.com







