lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <1100274666.6881.67.camel@localhost.localdomain>
Date: Fri, 12 Nov 2004 10:51:06 -0500
From: Lawrence MacIntyre <macintyrelp@...l.gov>
To: KF_lists <kf_lists@...netops.com>
Cc: Justin Rush <jrush@...ut.wisc.edu>, bugtraq@...urityfocus.com
Subject: Re: Unsecure Ftpd on HP PSC 2510 Printer


Hmmm...  The description in the original message (contained below)
states that it has a write-only directory.  I see the problem if you
remove the write-only part;-)

On Fri, 2004-11-12 at 10:47 -0500, KF_lists wrote:
> Excuse me... Hijetter.exe uses port 9100 to dump files off... however 
> you CAN retrieve them via port 21 AFTER dumping them off via port 9100.
> 
> -KF
> 
> Lawrence MacIntyre wrote:
> > A write-only ftp server doesn't seem like a good place to do that since 
> > you can't get them back out...
> > 
> > (nice try, though...)
> > 
> > KF_lists wrote:
> > 
> >> Nothing like someone using the memory on your printer to stash a few 
> >> files...
> >>
> >> http://www.phenoelit.de/hp/docu.html
> >> -KF
> >>
> >> Lawrence MacIntyre wrote:
> >>
> >>> So why is this insecure?  Why is this different from port 631 (ipp) or
> >>> port 515 (lpd)?  It's a printer.  You give it a file, it prints it.  The
> >>> port or protocol it uses is immaterial...
> >>>
> >>> On Wed, 2004-11-10 at 15:26 -0600, Justin Rush wrote:
> >>>
> >>>> Product Name: HP PSC 2510
> >>>> Summary: Ftp print service is not configurable
> >>>>
> >>>>     This printer comes with an ftp daemon which allows anonymous
> >>>> access, and drops the user into a write only directory.  By default
> >>>> anyone from anywhere can drop a file into this directory and the
> >>>> printer will print the document.  There is no documentation about
> >>>> this feature, nor is there anyway to change (enable/disable) it
> >>>> via any of their software or on the printer itself.  HP Tech.
> >>>> support says that if you don't want this feature then you should
> >>>> hook up the printer as a local printer, however this printer
> >>>> comes with both wireless and wired connectors on the back.
> >>>>
> >>>> Justin Rush
> >>>> jrush@...ut.wisc.edu
> >>>
> >>>
> > 
-- 
Lawrence MacIntyre     865.574.8696     macintyrelp@...l.gov
               Oak Ridge National Laboratory
High Performance Information Infrastructure Technology Group
               AKO: lawrence.macintyre@...army.mil
           SIPRNet: macintyrelp@...l.doe.sgov.gov



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ