| VID |
29071 |
| Severity |
30 |
| Port |
161 |
| Protocol |
UDP |
| Class |
Printer |
| Detailed Description |
The HP Jetdirect print server, according to its firmware version, allows a remote attacker to
gain unauthorized access to the print server or cause it to crash. This vulnerability has been reported by HP in J6038A JetDirect 310x Print Servers running version Q.24.06 firmware. HP has released a firmware upgrade in response.
* Note: This check solely relied on the version number of the remote system to assess this vulnerability, so this might be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor.
* References:
http://www.securityfocus.com/advisories/5083
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00001902
* Platforms Affected:
HP JetDirect 310X Q.24.06 |
| Recommendation |
Upgrade to the latest firmware version (Q.24.09 or later), available from the HP Download Manager Web site at http://www.hp.com/go/dlm_sw . Firmware can also be upgraded using HP Web Jetadmin, the Jetdirect Embedded Web Server, and using FTP. More information about these methods is available on the HP Security Bulletin: HPSBMI0303-002, http://www.securityfocus.com/advisories/5083 |
| Related URL |
(CVE) |
| Related URL |
7070 (SecurityFocus) |
| Related URL |
11541 (ISS) |
|
