HP LaserJet Direct Print Filter Bypass

This script is Copyright (C) 1999-2013 Tenable Network Security, Inc.


Synopsis :

Print filters on the the remote printer can be bypassed.

Description :

By connecting to this port directly, a remote attacker can send
Postscript directly to the remote printer, bypassing lpd and page
accounting.

This is a threat, because an attacker may connect to this printer,
force it to print pages of garbage, and make it run out of paper. If
this printer is used to print security logs, then this will be a
problem.

See also :

http://archives.neohapsis.com/archives/bugtraq/1997_4/0036.html

Solution :

Filter incoming traffic to this port.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Misc.

Nessus Plugin ID: 10104 (hp_remote_print.nasl)

Bugtraq ID:

CVE ID: CVE-1999-1062