HP LaserJet Direct Print Filter Bypass

This script is Copyright (C) 1999-2016 Tenable Network Security, Inc.


Synopsis :

Print filters on the remote printer can be bypassed.

Description :

By connecting to this port directly, a remote attacker can send
Postscript directly to the remote printer, bypassing lpd and page
accounting.

This is a threat, because an attacker may connect to this printer,
force it to print pages of garbage, and make it run out of paper. If
this printer is used to print security logs, then this will be a
problem.

See also :

http://archives.neohapsis.com/archives/bugtraq/1997_4/0036.html

Solution :

Filter incoming traffic to this port.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Misc.

Nessus Plugin ID: 10104 (hp_remote_print.nasl)

Bugtraq ID:

CVE ID: CVE-1999-1062

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial