TUCoPS :: Network Appliances :: b06-1423.htm

HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability
HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability
HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability



                                SEC-1 LTD
www.sec-1.com 

                             Security Advisory

Advisory Name:	HP Colour LaserJet 2500 and 4600 Toolbox Directory 
=09		Traversal Vulnerability

 Release Date:	04/04/2006
  Application: 	HP Colour LaserJet 2500 and 4600 Toolbox
     Platform: 	Microsoft Windows (all supported versions)
     Severity: 	Remote Arbitrary File Access
       Author: 	Richard Horsman
Vendor Status: 	Fixed
CVE Candidate: 	Pending
Reference: 	http://www.sec-1.com 


Overview: 

The HP Colour LaserJet 2500 and 4600 Toolbox provides links to printer
status 
information, help information and tools for diagnosing and solving
problems. 


Vulnerability Details: 

Sec-1 has identified a security vulnerability within the HP Colour
LaserJet 
2500 and 4600 Toolbox software which could allow unauthorised access to
the 
file system.

The vulnerable process hosts a HTTP interface on TCP port 5225 and is 
susceptible to directory traversal. An attacker would have access to any
file
the logged on user has access to within the affected file system.


Exploit:

To exploit this issue:

The following request would attempt to retrieve the c:\boot.ini file via

a standard web browser.

http://:5225/../../../boot.ini 

This will retrieve the boot.ini file from the affected host.

Vendor Response:

HP has made the "HP Colour LaserJet 2500/4600 Software Update" 
version 3.1 available to resolve the issue.

The software update can be downloaded as follows:

For the HP Colour LaserJet 2500

   1. Browse to

http://www.hp.com/go/clj2500_software 
   2. Select ">>Download Drivers and Software"
   3. Under "Select your product" choose the printer model.
   4. Under "Select operating system" choose the operating system.
   5. Download the "HP Colour LaserJet 2500/4600 Software Update"
      version 3.1
   6. Follow the download instructions presented on the "HP Colour
      LaserJet 2500/4600 Software Update" download page to run
      the update.

For the HP Colour LaserJet 4600

   1. Browse to

http://www.hp.com/go/clj4600_software 
   2. Under "Select your product" choose the printer model.
   3. Under "Select operating system" choose the operating system.
   4. Download the "HP Colour LaserJet 2500/4600 Software Update"
      version 3.1
   5. Follow the download instructions presented on the "HP Colour
      LaserJet 2500/4600 Software Update" download page to run the 
=09update.

Sec-1 specialises in the provision of network security solutions. For more information on products and services we offer visit www.sec-1.com or call 0113 257 8955.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH