Bugtraq mailing list archives
Re: vulnerabilities of postscript printers
From: Bob Beck <beck () bofh cns ualberta ca>
Date: Sat, 24 Jan 2004 12:58:50 -0700
My god, people attach printers to networks! Postscript is Turing Complete!Blah blah - you can't open files...Sure you can, RTFM...
Who cares? if it's a network attached printer there's some sort of
IP stack in there speaking lpr, and some semblance of an operating
system. It's a computer. It has network interfaces, the software is
certainly full of bugs and sucks, like most other software. It's
probably exploitable. Why would you treat this device any differently
than any other network attachable device on your secured network?
Either you allow devices to have connections to both secured and
unsecured networks or you don't. If you think a printer, refrigerator,
jet-direct device, set-top-box, 802.11? stuff, coffee machine, coke
machine, Cell phone, PDA, etc. etc. could never be exploited to talk to
whatever it's talking to, please call me, I have a great opportunity
with a moose milking ranch to get you in on early.
-Bob
Current thread:
- Re: vulnerabilities of postscript printers, (continued)
- Re: vulnerabilities of postscript printers Stephen Samuel (Jan 24)
- Re: vulnerabilities of postscript printers Glynn Clements (Jan 24)
- Re: vulnerabilities of postscript printers Nate Eldredge (Jan 24)
- Re: vulnerabilities of postscript printers der Mouse (Jan 23)
- Re: vulnerabilities of postscript printers Michael Zimmermann (Jan 24)
- Re: vulnerabilities of postscript printers der Mouse (Jan 24)
- Re: vulnerabilities of postscript printers Michael Zimmermann (Jan 24)
- Re: vulnerabilities of postscript printers der Mouse (Jan 24)
- Re: vulnerabilities of postscript printers Michael Zimmermann (Jan 24)
- Re: vulnerabilities of postscript printers Ian Farquhar - Network Security Group (Jan 27)
- Re: vulnerabilities of postscript printers Theo de Raadt (Jan 24)