exploit the possibilities
Showing 1 - 3 of 3 RSS Feed

CVE-2010-4107

Status Candidate

Overview

The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack.

Related Files

HP JetDirect PJL Interface Universal Path Traversal
Posted Aug 7, 2011
Authored by Myo Soe | Site metasploit.com

This Metasploit module exploits a path traversal issue in possibly the entire HP network-enabled printer series, especially those which enable the Printer Job Language (aka PJL) command interface through the default JetDirect port 9100. With the decade-old dot-dot-slash payloads, the entire printer file system can be accessed or modified.

tags | exploit, file inclusion
advisories | CVE-2010-4107
MD5 | 073be97ace9a9667942eea0a0d3f8b1e
HP LaserJet PJL Interface Directory Traversal
Posted Nov 30, 2010
Authored by Moritz Jodeit | Site nruns.com

A directory traversal vulnerability has been found in the PJL file system access interface of various HP LaserJet MFP devices. File system access through PJL is usually restricted to a specific part of the file system. Using a pathname such as 0:\..\..\..\ it is possible to get access to the complete file system of the device.

tags | exploit
advisories | CVE-2010-4107
MD5 | 79d26b9b4e5c973e5fc016d41e265db2
HP Security Bulletin HPSBPI02575 SSRT090255
Posted Nov 16, 2010
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02575 SSRT090255 - A potential security vulnerability has been identified with HP LaserJet MFP printers, HP Color LaserJet MFP printers, and certain HP LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to files. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2010-4107
MD5 | 457c4f82590c9236ba3ad37c63aea8b8
Page 1 of 1
Back1Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    11 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close