exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

HP Security Bulletin HPSBPI03546 1

HP Security Bulletin HPSBPI03546 1
Posted Mar 4, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI03546 1 - A potential security vulnerability has been identified with certain HP LaserJet Printers and MFPs, and certain HP OfficeJet Enterprise printers and MFPs, which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2016-2244
SHA-256 | db9fa0aaa519130f69d0a3334e16ce41d0c763e84b355f7fa9bc8c588445252f

HP Security Bulletin HPSBPI03546 1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:
https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05030353

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05030353
Version: 1

HPSBPI03546 rev.1 - HP LaserJet Printers and MFPs, HP OfficeJet Enterprise
Printers, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as soon
as possible.

Release Date: 2016-03-02
Last Updated: 2016-03-02

Potential Security Impact: Remote disclosure of information

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY

A potential security vulnerability has been identified with certain HP LaserJet
Printers and MFPs, and certain HP OfficeJet Enterprise printers and MFPs, which
could be exploited remotely to allow disclosure of information.

References:

* CVE-2016-2244 (PSR-2016-0021)

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

Please refer to the RESOLUTION below for a list of impacted products.

BACKGROUND

For a PGP signed version of this security bulletin please write to:
security-alert@hp.com

CVSS 2.0 Base Metrics
================================================================================
Reference Base Vector Base Score

CVE-2016-2244 (PSR-2016-0021) (AV:N/AC:L/Au:N/C:N/I:C/A:N) 7.8
================================================================================

RESOLUTION

HP has provided firmware updates for impacted printers as listed in the table
below. To obtain the updated firmware, go to www.hp.com and follow these steps:

1. Under support, select "Download Drivers".

2. Enter the appropriate product name listed in the table below into the
search field.

3. Click on "Find my product".

4. Click on the appropriate product.

5. Under "Operating Systems" select the applicable operating system from the
list.

6. Select the appropriate firmware update under "Firmware", click "Download".

Firmware Updates Table

Affect Product (Model Affected Affected Resolution Firmware
Numbers) Firmware Firmware Version (Bundle)
Bundle Version

HP Color LaserJet 3.6.3 2307497_543950
Enterprise M651 3.6.4 2307619_547160 2307851_000048
(CZ255A, CZ256A, CZ257A, 3.7 2307781_551200 (3.7.01)
CZ258A) 3.7.1 2307884_553037
3.7.2 2307939_554654

3.6.3 2307497_543953
HP Color LaserJet 3.6.4 2307619_547145 2307851_000051
Enterprise M750 3.7 2307781_551203 (3.7.01)
(D3L08A, D3L09A, D3L10A) 3.7.1 2307884_553040
3.7.2 2307939_554657

3.6.3 2307497_543947
HP Color LaserJet M680 3.6.4 2307619_547157 2307851_000059
(CZ249A, CZ250A, CA251A) 3.7 2307781_551196 (3.7.01)
3.7.1 2307884_553034
3.7.2 2307939_554651

3.6.3 2307497_543957
HP LaserJet Enterprise 500 3.6.4 2307619_547167 2307851_000056
color MFP M575dn 3.7 2307781_551207 (3.7.01)
(CD644A, CD645A) 3.7.1 2307884_553044
3.7.2 2307939_554662

3.6.3 2307497_543945
HP LaserJet Enterprise 500 3.6.4 2307619_547155 2307851_000043
MFP M525f 3.7 2307781_551195 (3.7.01)
(CF116A, CF117A) 3.7.1 2307884_553032
3.7.2 2307939_554649

3.6.3 2307497_543961
HP LaserJet Enterprise 600 3.6.4 2307619_547168 2307851_000040
M601 3.7 2307781_551208 (3.7.01)
(CE989A, CE990A) 3.7.1 2307884_553045
3.7.2 2307939_554664

3.6.3 2307497_543961
HP LaserJet Enterprise 600 3.6.4 2307619_547168 2307851_000040
M602 3.7 2307781_551208 (3.7.01)
(CE991A, CE992A, CE993A) 3.7.1 2307884_553045
3.7.2 2307939_554664

3.6.3 2307497_543961
HP LaserJet Enterprise 600 3.6.4 2307619_547168 2307851_000040
M603xh 3.7 2307781_551208 (3.7.01)
(CE994A, CE995A, CE996A) 3.7.1 2307884_553045
3.7.2 2307939_554664

3.6.3 2307497_543958
HP LaserJet Enterprise 700 3.6.4 2307619_547166 2307851_000055
color MFP M775 series 3.7 2307781_551206 (3.7.01)
(CC522A, CC523A, CC524A) 3.7.1 2307884_553043
3.7.2 2307939_554660

3.6.3 2307497_543955
HP LaserJet Enterprise 700 3.6.4 2307619_547165 2307851_000053
M712xh 3.7 2307781_551205 (3.7.01)
(CF235A, CF236A, CF238A) 3.7.1 2307884_553042
3.7.2 2307939_554659

3.6.3 2307497_543951
HP LaserJet Enterprise 800 3.6.4 2307619_547161 2307851_000049
color M855 3.7 2307781_551201 (3.7.01)
(A2W77A, A2W78A, A2W79A) 3.7.1 2307884_553038
3.7.2 2307939_554655

HP LaserJet Enterprise 800 3.6.3 2307497_543946
color MFP M880 3.6.4 2307619_547156 2307851_000058
(A2W76A, A2W75A, D7P70A, 3.7 2307781_551196 (3.7.01)
D7P71A) 3.7.1 2307884_553033
3.7.2 2307939_554650

3.6.3 2307497_543964
HP LaserJet Enterprise 3.6.4 2307619_547169 2307851_000057
Color 500 M551 Series 3.7 2307781_551209 (3.7.01)
(CF081A,CF082A,CF083A) 3.7.1 2307884_553046
3.7.2 2307939_554665

3.6.3 2307497_543957
HP LaserJet Enterprise 3.6.4 2307619_547167 2307851_000056
Color flow MFP M575c 3.7 2307781_551207 (3.7.01)
(CD646A) 3.7.1 2307884_553044
3.7.2 2307939_554662

3.6.3 2307497_543948
HP LaserJet Enterprise 3.6.4 2307619_547158 2307851_000046
flow M830z MFP 3.7 2307781_551198 (3.7.01)
(CF367A) 3.7.1 2307884_553035
3.7.2 2307939_554652

3.6.3 2307497_543945
HP LaserJet Enterprise 3.6.4 2307619_547155 2307851_000043
flow MFP M525c 3.7 2307781_551195 (3.7.01)
(CF118A) 3.7.1 2307884_553032
3.7.2 2307939_554649

3.6.3 2307497_543943
HP LaserJet Enterprise 3.6.4 2307619_547153 2307851_000041
Flow MFP M630z 3.7 2307781_551193 (3.7.01)
(B3G85A) 3.7.1 2307884_553030
3.7.2 2307939_554647

3.6.3 2307497_543952
HP LaserJet Enterprise 3.6.4 2307619_547163 2307851_000035
M806 3.7 2307781_551202 (3.7.01)
(CZ244A, CZ245A) 3.7.1 2307884_553039
3.7.2 2307939_554656

3.6.3 2307497_543943
HP LaserJet Enterprise MFP 3.6.4 2307619_547153 2307851_000041
M630 3.7 2307781_551193 (3.7.01)
(J7X28A) 3.7.1 2307884_553030
3.7.2 2307939_554647

HP LaserJet Enterprise MFP 3.6.3 2307497_543954
M725 3.6.4 2307619_547164 2307851_000054
(CF066A, CF067A, CF068A, 3.7 2307781_551204 (3.7.01)
CF069A) 3.7.1 2307884_553041
3.7.2 2307939_554658

3.6.3 2307497_543944
HP OfficeJet Enterprise 3.6.4 2307619_547154 2307851_000039
Color MFP X585 3.7 2307781_551194 (3.7.01)
(B5L04A, B5L05A, B5L07A) 3.7.1 2307884_553031
3.7.2 2307939_554648

3.6.3 2307497_543949
HP OfficeJet Enterprise 3.6.4 2307619_547159 2307851_000047
Color X555 3.7 2307781_551199 (3.7.01)
(C2S11A, C2S12A) 3.7.1 2307884_553036
3.7.2 2307939_554653

System management and security procedures must be reviewed frequently to
maintain system integrity. HP is continually reviewing and enhancing the
security features of software products to provide customers with current secure
solutions.

"HP is broadly distributing this Security Bulletin in order to bring to the
attention of users of the affected HP products the important security
information contained in this Bulletin. HP recommends that all users determine
the applicability of this information to their individual situations and take
appropriate action. HP does not warrant that this information is necessarily
accurate or complete for all user situations and, consequently, HP will not be
responsible for any damages resulting from user's use or disregard of the
information provided in this Bulletin. To the extent permitted by law, HP
disclaims all warranties, either express or implied, including the warranties
of merchantability and fitness for a particular purpose, title and
non-infringement."

REVISION HISTORY

Version:1 (rev.1) ? 01 March 2016 Initial release

Copyright 2016 Hewlett-Packard Development Company, L.P.

Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or its
affiliates, subcontractors or suppliers will be liable for incidental,special
or consequential damages including downtime cost; lost profits;damages relating
to the procurement of substitute products or services; or damages for loss of
data, or software restoration. The information in this document is subject to
change without notice. Hewlett-Packard Company and the names of Hewlett-Packard
products referenced herein are trademarks of Hewlett-Packard Company in the
United States and other countries. Other product and company names mentioned
herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJW2MrgAAoJEPRuzn0I+N3Z+uMQAJ3Z2s5H1BllX7uvcKCeqSfb
Y4Lcbd1rWDJiBPaej2fRR97fxVLBO9QTZKEhghTcehpIBfIjLcSR2PxaT8z0RC5C
y8lTUFkU4IXXgWd58Pk21jUsFAHuQHQSpSYBQx+7/8ekturguwxlMgxjIJkWWnpU
79pUMCzCR1Q9jLaDNv4hmHCGo42L7Qn/4Kr5PQxWZ19OzdBOtNA5Kk2/DsLR6Q6u
tKuBwlh+QMW9rFRenAKrfkZfyA3AeyUy/i4YR2Ghww8GXJzDoyjfFQWzdWJhs9UL
LYzymXnkNe74BhthPAkyCQqbunpXOstNWYpG36uSImrNvOs6sOMWUj5saiAT1Znv
MLiUMCUXZkadGwavXdWtHBUR7aDARyOPxg6F31XzcgV6bqjKzSUAYGI3WYVf6Jk3
pXrmW49no3y1luXHz6MDlTBKL09aZu9kCOpT555kH1hOu+mAMs0UBY72kDUF3839
+Mcb1R71mYGYR93jAmAXvJ51J2axlN0J7FF7o4mxowfrXPFTapqQF8s90IOhDtLk
CQlSCSAD+NV0edzPy0zT77whx8GFIn5+DyEQ9tLfUq9Dl/e4DZWEKya9Q2UfTobJ
tFG8VHUsXmk29rFYWk4gViO8OITq8p5A3mjmQ1R4NbQ4KbJJolHoK1PO/7VLHY5W
UaJxLGryGjM699Yk6htj
=zguU
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close