CVE-2002-1048

Description

HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0.

Affected products

• HP / jetdirectj3111a_rev._a.08.06 – j3111a_rev._a.08.06
• HP / jetdirectj3111a_rev._g.05.35 – j3111a_rev._g.05.35
• HP / jetdirectj3111a_rev._g.07.02 – j3111a_rev._g.07.02
• HP / jetdirectj3111a_rev._g.07.03 – j3111a_rev._g.07.03
• HP / jetdirectj3111a_rev._g.07.17 – j3111a_rev._g.07.17
• HP / jetdirectj3111a_rev._g.08.03 – j3111a_rev._g.08.03
• HP / jetdirectx.08.00 – x.08.00
• HP / jetdirectx.08.04 – x.08.04
• HP / jetdirectx.08.05 – x.08.05
• HP / jetdirectx.08.20 – x.08.20
• HP / jetdirectx.08.32 – x.08.32
• HP / jetdirectx.20.00 – x.20.00
• HP / jetdirectx.21.00 – x.21.00

References

• MISChttp://www.kb.cert.org/vuls/id/377003
• MISChttp://www.iss.net/security_center/static/9693.php
• MISChttp://archives.neohapsis.com/archives/bugtraq/2002-07/0345.html
• MISChttp://www.securityfocus.com/bid/5331