Detections
Analytics

HP LaserJet Direct Print Filter Bypass

medium Nessus Plugin ID 10104

Synopsis

Print filters on the remote printer can be bypassed.

Description

By connecting to this port directly, a remote attacker can send Postscript directly to the remote printer, bypassing lpd and page accounting.

This is a threat, because an attacker may connect to this printer, force it to print pages of garbage, and make it run out of paper. If this printer is used to print security logs, then this will be a problem.

Solution

Filter incoming traffic to this port.

See Also

https://seclists.org/bugtraq/1997/Oct/32

Plugin Details

Severity: Medium

ID: 10104

File Name: hp_remote_print.nasl

Version: 1.31

Type: remote

Family: Misc.

Published: 6/22/1999

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.7

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/h:hp:jetdirect

Required KB Items: devices/hp_printer

Vulnerability Publication Date: 10/4/1997

Reference Information

CVE: CVE-1999-1062