On Wed, 2002-02-20 at 04:53, Information Security wrote: > It appears that HP JetDirect firmware is more susceptible to SNMP > vulnerabilities than originally referenced in the CERT Advisory CA-2002-03 > (http://www.cert.org/advisories/CA-2002-03.html). Some basic testing with > Protos on an internal network seems to indicate that devices with JetDirect > firmware x.08.32 crash each time a single malformed SNMP packet is received. > The HP Download Manager for JetDirect reports that the printer software is > up-to-date. After running the SANS tool for finding machines where snmp is active I had a number of people say that their HP printers had a/ hung up and required powering off or resetting b/ spewed out garbage pages. -- Russell Fulton, Computer and Network Security Officer The University of Auckland, New Zealand
