Re: DOS attack against HP JetDirect Printers (fwd)

[epadin () WAGWEB COM (Ed Padin)]

I got an HP4000tn with version: ROM G.07.02, EEPROM G.07.03

and this nmap scan does not crash it.

I'm using nmap  2.3BETA14.

> -----Original Message-----
> From: Alfred Huger [mailto:ah () SECURITYFOCUS COM]
> Sent: Thursday, April 20, 2000 11:45 AM
> To: BUGTRAQ () SECURITYFOCUS COM
> Subject: DOS attack against HP JetDirect Printers (fwd)
>
>
> Alfred Huger
> VP of Engineering
> SecurityFocus.com
>
> ---------- Forwarded message ----------
> Date: Thu, 20 Apr 2000 13:08:47 +0200
> From: Paul Knowles <Paul.Knowles () unifr ch>
> To: vuldb () securityfocus com
> Cc: knowles () pexppc33 unifr ch
> Subject: DOS attack against HP JetDirect Printers
>
>
> Hello,
>
> In case anyone is interested, scanning HP printers with
> tools such as nmap will cause the printer to lock up hard.
> I discovered this while trying to diagnose a connection
> problem we were having with a printer.
> I've verified this with at least the following versions of
> JetDirect:
>
> Firmware Rev.   : A.08.06
> Firmware Rev.   : G.08.03
> Firmware Rev.   : G.07.17
> Firmware Rev.   : G.07.03
>
> I haven't been able to establish the exact communications
> causing the lockup; someone with more experience than I
> should check this out.
>
> Any network accessable printer can be put out of service
> with a simple nmap -sT -PT HP.printer.tcp.ip
> A power cycle is required for reset.
>
> My apologies if i have the wrong email address.
> (there is no Submit a Bug instructions on the securityfocus
> site).  HP have no bug reporting facilities either...
>
> thanks,
>
> Paul Knowles.
> email: Paul.Knowles () unifr ch
> finger me at pexppc33.unifr.ch for more contact information