HP Jetdirect - Invalid FTP Command DoS

Advisory Code: VIGILANTE-2000004
Release Date: July 19, 2000

Systems Affected:
HP Jetdirect printers using firmware versions:
- G.08.04
- H.08.05
- G.08.20
- H.08.20
Older firmware versions, prior to G.08.20 and H.08.20, are probably also vulnerable.

THE PROBLEM
If you connect to the ftp service on your HP printer and send it the following string:

    quote AAAAAAAAAAA

The printer crashes. It may require that you turn the power off and on again to get the printer to work again. The display will show an error message similar to this:

    86:0003

(the bit after the colon seems to vary a bit, we've also gotten :0004, :000B)

Vendor Status:
"Thank you for contacting Hewlett-Packard's Customer Care Technical Center. A fix for this issue is being implemented in the next firmware revision for HP JetDirect print servers. The release date for this firmware revision is yet unknown. I assure you that the issue has been acknowledged and will be fixed in the near future. I appreciate your help in bringing this matter to our attention and your patience as we work to correct the issue. Once again, thank you for contacting Hewlett-Packard's Customer Care Technical Center."

Fix:
Initially reported on the 25th of May this year. No fix available, see vendor status. You can apply the following workaround until a fix is released:

To disable FTP through telnet, type the following command sequence:
1. ftp-config: 0.
2. Press Quit.

To enable FTP, type the following command sequence:
1. ftp-config: 1.
2. quit.

For those who wish to disable FTP through SNMP, there is an SNMP OID:
.1.3.6.1.4.1.11.2.4.3.5.19.0
type: integer.
0: disables
1: enables
By default, it returns a "1" for enabled.

Vendor URL: http://www.hp.com
Product URL: http://www.pandi.hp.com/pandi-db/home_page.show

Copyright VIGILANTe 2000-07-15

Disclaimer:
The information within this document may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any consequences whatsoever arising out of or in connection with the use or spread of this information. Any use of this information lies within the user's responsibility.

Feedback:
Please send suggestions, updates, and comments to:
VIGILANTe
mailto: info@vigilante.com
http://www.vigilante.com
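
The SNMP workaround in the Fix section, applied across a list of printers: this is an added example, not part of the original advisory. It assumes net-snmp's snmpget/snmpset, SNMPv1, and an operator-supplied community string; the script name and the sample addresses are constructed.

```shell
#!/bin/sh
# Added example (not from the advisory): audit or disable Jetdirect FTP via SNMP.
# Assumptions: net-snmp snmpget/snmpset are installed, the printers answer
# SNMPv1, and the operator supplies the community string.
OID=.1.3.6.1.4.1.11.2.4.3.5.19.0   # from the advisory: 0 disables, 1 enables

# Map snmpget output ("1", "INTEGER: 1", or an error line) to a state.
ftp_state() {
    val=${1##*[ :]}                # keep only the text after the last space/colon
    case "$val" in
        0) echo disabled ;;
        1) echo enabled ;;
        *) echo unknown ;;         # timeout, wrong community, OID not present
    esac
}

# audit_host HOST COMMUNITY -> prints "HOST<TAB>state"
audit_host() {
    out=$(snmpget -v1 -c "$2" -Oqv -t 2 -r 1 "$1" "$OID" 2>/dev/null) || out=
    printf '%s\t%s\n' "$1" "$(ftp_state "$out")"
}

# disable_ftp HOST RW_COMMUNITY -> sets the OID to 0, then reads it back
disable_ftp() {
    snmpset -v1 -c "$2" -t 2 -r 1 "$1" "$OID" i 0 >/dev/null 2>&1 || return 1
    [ "$(audit_host "$1" "$2" | cut -f2)" = disabled ]
}

# Usage (hypothetical script name): sh jetdirect-ftp.sh audit|disable COMMUNITY < hosts.txt
case "${1:-}" in
    audit)
        while read -r host; do
            [ -n "$host" ] && audit_host "$host" "$2"
        done ;;
    disable)
        while read -r host; do
            [ -n "$host" ] || continue
            disable_ftp "$host" "$2" && echo "$host: FTP disabled" \
                || echo "$host: could not disable or verify" >&2
        done ;;
    *)  # No arguments: classify constructed sample outputs (offline demo).
        for s in "INTEGER: 1" "0" "Timeout: No Response from 192.0.2.7"; do
            printf '%s -> %s\n' "$s" "$(ftp_state "$s")"
        done ;;
esac
```

A host reported as "unknown" did not answer the query with 0 or 1, so its FTP state has to be checked another way, for example through the telnet sequence above.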