Synopsis
The administrative password of the remote HP JetDirect printer can be obtained using SNMP.
Description
It is possible to obtain the password of the remote HP JetDirect web server by sending SNMP requests.
An attacker may use this information to gain administrative access to the remote printer.
Solution
Disable the SNMP service on the remote host if you do not use it, or filter incoming UDP packets going to this port.
http://www.securityfocus.com/archive/1/313714/2003-03-01/2003-03-07/0
Plugin Details
File Name: snmp_hpJetDirectEWS.nasl
Supported Sensors: Nessus
Risk Information
Vulnerability Information
Required KB Items: SNMP/community, SNMP/OID
Exploit Ease: Exploits are available
Vulnerability Publication Date: 7/27/2002