| VID | 20022 |
| Severity | 40 |
| Port | 161 |
| Protocol | UDP |
| Class | SNMP |
| Detailed Description |
HP JetDirect printers have a vulnerability that discloses the embedded web server administrative password via SNMP. JetDirect printers are network-enabled printers distributed by Hewlett-Packard. Under some circumstances they leak the embedded web server administrative password: when an SNMP read request is sent to a vulnerable printer, the printer returns the password to the requester. This could allow a remote attacker to access and change the configuration of the printer with administrative privileges.
To check your printers for this vulnerability, use an SNMP toolkit to read the following OID from your printer in numerical format: .1.3.6.1.4.1.11.2.3.9.1.1.13.0
* References: http://www.securityfocus.com/archive/1/313618
* Platforms Affected: Any operating system; HP JetDirect cards: JetDirect 300X (J3263A), HP JetDirect EX Plus (J2591A), HP JetDirect 400N (J2552A, J2552B), HP JetDirect 600N (J3110A, J3111A, J3113A) and older |
| Recommendation |
Telnet to the affected printer and set the SNMP community name to a strong one.
* Additional means of protection: 1. Define a Telnet password (do not leave it empty). 2. Create an 'allow list' from the Telnet console to restrict access to defined IP addresses. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|