lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20041110212615.GA22293@fromage.scout.wisc.edu>
Date: Wed, 10 Nov 2004 15:26:15 -0600
From: Justin Rush <jrush@...ut.wisc.edu>
To: bugtraq@...urityfocus.com
Subject: Unsecure Ftpd on HP PSC 2510 Printer


Product Name: HP PSC 2510
Summary: Ftp print service is not configurable

	This printer comes with an ftp daemon which allows anonymous
access, and drops the user into a write only directory.  By default
anyone from anywhere can drop a file into this directory and the
printer will print the document.  There is no documentation about
this feature, nor is there anyway to change (enable/disable) it
via any of their software or on the printer itself.  HP Tech.
support says that if you don't want this feature then you should
hook up the printer as a local printer, however this printer
comes with both wireless and wired connectors on the back.

Justin Rush
jrush@...ut.wisc.edu

Powered by blists - more mailing lists