[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 7 Jul 2003 13:11:03 +0200
From: DOUHINE Davy <DDOUHINE@...info.fr>
To: bugtraq@...urityfocus.com
Subject: Remote DoS on Canon GP300
Affected: Canon GP300 using WebSpooler v4.5.062 (fr), other versions ?
Risk: High
Remote: Yes
Description:
A simple http request can crash the whole print server.
Request is "GET /" on tcp/80
After sending "GET /" a reboot is needed to print again or to take hand on
the print server.
The web server seems to be Apache/1.0.3 (banner is returned in some
conditions).
I did not find this vulnerability for Apache/1.0.3 on securityfocus so this
banner is maybe a fake or the code has been changed.
Canon has been contacted.
They said message has been forwarded to services concerned by this
vulnerability (dev ?).
No news since.
Ce message et toutes les pièces jointes (ci-après le "message") sont établis à l'intention exclusive de ses destinataires et sont confidentiels. Si vous recevez ce message par erreur, merci de le détruire et d'en avertir immédiatement l'expéditeur. Toute utilisation de ce message non conforme à sa destination, modification, diffusion ou toute publication, totale ou partielle, est interdite, sauf autorisation expresse.FININFO (et ses filiales) décline(nt) toute responsabilité au titre de ce message, dans l'hypothèse ou il aurait été modifié, altéré, falsifié ou encore édité ou diffusé sans autorisation.
-----------------------------------------------------
This message and any attachments (the "message") is intended
solely for the addressees and is confidential. If you receive this
message in error, please delete it and immediately notify the
sender. Any use not in accord with its purpose, any dissemination
or disclosure, either whole or partial, is prohibited except formal
approval. Neither FININFO (nor any of its subsidiaries or affiliates)
shall be liable for the message if modified, altered, falsified, edited
or diffused without authorization.
Powered by blists - more mailing lists