-----Original Message----- From: Joshua Newton [mailto:babyswan@comcast.net] Sent: Wednesday, February 20, 2002 12:42 AM To: bugtraq@securityfocus.com Subject: Re: Cert Advisory 2002-03 and HP JetDirect >> In fact,while I'm at it, most every embedded IP stack I've ever seen has been at least this fragile, if not more so -- I've seen Intermec OpenAir access points, Ricoh network print cards, and Powerware UPS SNMP boxes all exhibit the same kind of awful -- and inexcusable -- fragility.<< Quite often these are commercial, off the peg TCP/IP stacks. I have seen some dreadful examples, both in terms of fragility and of TCP sequence number generation. I've seen sequential, sequential based on standard increments, and repeating sequences. Commercial stacks are often found on network peripherals, and on printers in particular. The danger lies in the fact that these devices are seen as 'only' printers etc, when they are actually complex devices able to support web and ftp servers, with processors and (sometimes significant) memory and storage capabilities. They are just another host on the network, with lots of functionality and little or no security. Compromise a network via the printers and you will have a network managers attention. The only problem lies in the paucity of solutions available to correct the issue. I'm working with one manufacturer to improve their product line, but manufacturers in general have a long way to go. Mark Brewis Security Consultant EDS Information Assurance Group Wavendon Tower Milton Keynes Buckinghamshire MK17 8LX. Tel: +44 (0)1908 28 4234/4013 Fax: +44 (0)1908 28 4393 E@: mark.brewis@eds.com mail@check-security.demon.co.uk PGP Key ID: C36D 770F 49F7 CC91 2E5A A2BE FE6E CD43 E6CD 9184
