VAR-200304-0141
Vulnerability from variot - Updated: 2022-05-17 01:44The HP JetDirect printer is a printer with integrated network capabilities developed by Hewlett-Packard. The FTP directory in the HP JetDirect printer is writable, and a remote attacker can exploit this vulnerability to perform a denial of service attack on the print service. Since the HP JetDirect printer's directory permissions for its FTP service are not set correctly, any files sent to the Jetdirect FTP service can be printed, and an attacker can send a large number of requests for a denial of service attack. It has been reported that HP JetDirect Printers accept documents from any source without access control limitations. This could lead to a denial of service or abuse of printing services
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200304-0141",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "psc photosmart printer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2510"
},
{
"model": "jetdirect j6061a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j6058a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j6057a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j6042a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j6039a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j6038a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j6035a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j4169a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j4167a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j3111a rev. g.08.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j3111a rev. g.07.17",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j3111a rev. g.07.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j3111a rev. g.07.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j3111a rev. g.05.35",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j3111a rev. a.08.06",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "300.0x"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.21.00"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.20.00"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.32"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.20"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.05"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.04"
},
{
"model": "jetdirect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x.08.00"
},
{
"model": "jetdirect rev. u.23.99",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect rev. u.22.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect rev. l.23.99",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect rev. l.22.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect rev. h.08.20",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect rev. h.08.05",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect rev. g.08.20",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect rev. g.08.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j3263a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j3113a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j3111a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j3110a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j2591a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j2552b",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect j2552a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1156"
},
{
"db": "BID",
"id": "7422"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability announced by HP.",
"sources": [
{
"db": "BID",
"id": "7422"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2003-1156",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2003-1156",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1156"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The HP JetDirect printer is a printer with integrated network capabilities developed by Hewlett-Packard. The FTP directory in the HP JetDirect printer is writable, and a remote attacker can exploit this vulnerability to perform a denial of service attack on the print service. Since the HP JetDirect printer\u0027s directory permissions for its FTP service are not set correctly, any files sent to the Jetdirect FTP service can be printed, and an attacker can send a large number of requests for a denial of service attack. It has been reported that HP JetDirect Printers accept documents from any source without access control limitations. This could lead to a denial of service or abuse of printing services",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1156"
},
{
"db": "BID",
"id": "7422"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "7422",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2003-1156",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1156"
},
{
"db": "BID",
"id": "7422"
}
]
},
"id": "VAR-200304-0141",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1156"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1156"
}
]
},
"last_update_date": "2022-05-17T01:44:51.187000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://www.securityfocus.com/advisories/5317"
},
{
"trust": 0.3,
"url": "/archive/1/380838"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1156"
},
{
"db": "BID",
"id": "7422"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2003-1156"
},
{
"db": "BID",
"id": "7422"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-1156"
},
{
"date": "2003-04-23T00:00:00",
"db": "BID",
"id": "7422"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-1156"
},
{
"date": "2003-04-23T00:00:00",
"db": "BID",
"id": "7422"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "7422"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP JetDirect Printer FTP Service File Print Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1156"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Configuration Error",
"sources": [
{
"db": "BID",
"id": "7422"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…