Vulnerability

    HP Jetdirect

Affected

    HP Jetdirect using firmware versions: G.08.04, H.08.05, G.08.20, H.08.20

Description

Peter Grundl found the following. Older firmware versions, prior to G.08.20 and H.08.20, are probably also vulnerable. If you connect to the FTP service on your HP printer and send it the following string:

    quote AAAAAAAAAAA <cr>

the printer crashes. You may need to turn the power off and on again to get the printer working again. The display will show an error message similar to this:

    86:0003

(the part after the colon seems to vary a bit; we've also gotten :0004, :000B).

Solution

A fix for this issue is being implemented in the next firmware revision for HP JetDirect print servers. The release date for this firmware revision is not yet known. You can apply the following workaround until a fix is released.

To disable FTP through telnet, type the following command sequence:

    1. ftp-config: 0.
    2. Press Quit.

To enable FTP, type the following command sequence:

    1. ftp-config: 1.
    2. quit.

For those who wish to disable FTP through SNMP, there is an SNMP OID:

    .1.3.6.1.4.1.11.2.4.3.5.19.0
    type: integer
    0: disables
    1: enables

By default, it returns a "1" for enabled.
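The SNMP workaround above can be applied to a printer fleet without extra tooling. This is an added example, not code from the advisory or from HP: it builds the SNMPv1 SetRequest that writes 0 to the advisory's OID. SNMPv1, UDP port 161, and the write community you pass in are assumptions.

```python
import socket

# OID from the advisory: FTP enable flag (0 = disabled, 1 = enabled)
FTP_CONFIG_OID = ".1.3.6.1.4.1.11.2.4.3.5.19.0"

def tlv(tag, payload):
    """BER tag-length-value, using long-form length for payloads >= 128 bytes."""
    n = len(payload)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + payload

def ber_int(value):
    """Non-negative INTEGER in minimal two's-complement form."""
    return tlv(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def ber_oid(dotted):
    """OBJECT IDENTIFIER: first two arcs share a byte, the rest are base-128."""
    arcs = [int(a) for a in dotted.strip(".").split(".")]
    body = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        while arc > 0x7F:
            arc >>= 7
            chunk.insert(0, 0x80 | (arc & 0x7F))
        body += bytes(chunk)
    return tlv(0x06, bytes(body))

def set_request(community, oid, value, request_id=1):
    """SNMPv1 message holding a SetRequest PDU (tag 0xA3) with one INTEGER varbind."""
    varbind = tlv(0x30, ber_oid(oid) + ber_int(value))
    pdu = tlv(0xA3, ber_int(request_id) + ber_int(0) + ber_int(0) + tlv(0x30, varbind))
    return tlv(0x30, ber_int(0) + tlv(0x04, community.encode()) + pdu)

def disable_ftp(host, community, timeout=3.0):
    """Apply the workaround (write 0 to the OID); returns the agent's raw reply bytes."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(set_request(community, FTP_CONFIG_OID, 0), (host, 161))
        return s.recvfrom(1500)[0]
```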