TUCoPS :: Network Appliances :: prt6036.htm

HP Jetdirect SNMP password vulnerability when using Web JetAdmin
4th Mar 2003 [SBWID-6036]

	HP Jetdirect SNMP password vulnerability when using Web JetAdmin


	HP  Jetdirect  cards  JetDirect  300X,  (J3263A),  JetDirect   EX   Plus
	(J2591A), JetDirect  400N  (J2552A,  J2552B),  JetDirect  600N  (J3110A,
	J3111A, J3113A) and older.


	Sven Pechler of University of Technology Eindhoven found :
	A Web Jetadmin "device password" had been set  on  the  JetDirect  card.
	(This password must be set from Web Jetadmin and has nothing to do  with
	the Telnet password or the SNMP Set community name)
	In the above situation the Web Jetadmin device password is  readable  as
	plain ASCII tekst from the JetDirect card using SNMP.
	How to check your printers for this vulnerability:
	Use an SNMP toolkit to read the following OID from your printer:
	(In numerical format: .
	An example on  a  Windows  machine,  using  SNMPUTIL  from  the  Windows
	Resource kit:
	C:\>snmputil get public .
	Variable = .iso.org.dod.internet.private.enterprises.
	Value    = String 
	<0x41><0x42><0x43><0x44><0x55><0x56><0x3d><0x31><0x30><0x38><0x3b><0x00><0x00><0x00><0x00> ..etc...
	The resulting string  reads  in  ASCII:  ABCDEF=108;  The  Web  Jetadmin
	device password is the word before the '=' sign, in this case: ABCDEF


	 1.	Keep the Web Jetadmin device password EMPTY (don't do this on newer cards than the ones mentioned above)
	 2.	Define a 'Set community name'  instead
	Additional  means   of   protection   (does   not   address   the   SNMP
	 3.	Define a telnet password (do not keep it empty)
	 4.	Create an 'allow list' from the Telnet console to restrict access from defined IP-addresses

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH