Bugtraq mailing list archives
Re: vulnerabilities of postscript printers
From: Bob Beck <beck () bofh cns ualberta ca>
Date: Sat, 24 Jan 2004 12:58:50 -0700
My god, people attach printers to networks! Postscript is Turing Complete!Blah blah - you can't open files...Sure you can, RTFM...
Who cares? if it's a network attached printer there's some sort of IP stack in there speaking lpr, and some semblance of an operating system. It's a computer. It has network interfaces, the software is certainly full of bugs and sucks, like most other software. It's probably exploitable. Why would you treat this device any differently than any other network attachable device on your secured network? Either you allow devices to have connections to both secured and unsecured networks or you don't. If you think a printer, refrigerator, jet-direct device, set-top-box, 802.11? stuff, coffee machine, coke machine, Cell phone, PDA, etc. etc. could never be exploited to talk to whatever it's talking to, please call me, I have a great opportunity with a moose milking ranch to get you in on early. -Bob
Current thread:
- Re: vulnerabilities of postscript printers, (continued)
- Re: vulnerabilities of postscript printers Stephen Samuel (Jan 24)
- Re: vulnerabilities of postscript printers Glynn Clements (Jan 24)
- Re: vulnerabilities of postscript printers Nate Eldredge (Jan 24)
- Re: vulnerabilities of postscript printers der Mouse (Jan 23)
- Re: vulnerabilities of postscript printers Michael Zimmermann (Jan 24)
- Re: vulnerabilities of postscript printers der Mouse (Jan 24)
- Re: vulnerabilities of postscript printers Michael Zimmermann (Jan 24)
- Re: vulnerabilities of postscript printers der Mouse (Jan 24)
- Re: vulnerabilities of postscript printers Michael Zimmermann (Jan 24)
- Re: vulnerabilities of postscript printers Ian Farquhar - Network Security Group (Jan 27)
- Re: vulnerabilities of postscript printers Theo de Raadt (Jan 24)