HP LaserJet Direct Print Filter Bypass

This script is Copyright (C) 1999-2016 Tenable Network Security, Inc.


Synopsis :

Print filters on the remote printer can be bypassed.

Description :

By connecting to this port directly, a remote attacker can send
Postscript directly to the remote printer, bypassing lpd and page
accounting.

This is a threat, because an attacker may connect to this printer,
force it to print pages of garbage, and make it run out of paper. If
this printer is used to print security logs, then this will be a
problem.

See also :

http://seclists.org/bugtraq/1997/Oct/32

Solution :

Filter incoming traffic to this port.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Misc.

Nessus Plugin ID: 10104 (hp_remote_print.nasl)

Bugtraq ID:

CVE ID: CVE-1999-1062

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now