[Intrusions] Does anyone know of references for printer exploits?

[Smith, Donald]

nsf if fairly trivial to exploit basically you just guess an inode to
get access to a file. Its easier when the filesystem is small, static
and the inodes are not randomized (such as on a printer).

There is a reasonable mitigation step, block nfs at the edge
router/firewall no-one outside of your network should have access to nfs
inside your enterprize network anyways.
You may also be able to turn off nfs on the printer if your not using
that as a fileupload method to get files printed. 

Donald.Smith at qwest.com GCIA
design_in_security @ the beginning & 
ease_of_use != A*(1/Data_Security)

> -----Original Message-----
> From: intrusions-bounces at lists.sans.org 
> [mailto:intrusions-bounces at lists.sans.org] On Behalf Of 
> Hensinger Aaron D Contr MCOM
> Sent: Thursday, February 03, 2005 9:44 AM
> To: intrusions at incidents.org
> Subject: [Intrusions] Does anyone know of references for 
> printer exploits?
> 
> 
> A recent ISS security scan showed numerous printers as having 
> NFS mounts
> available on them. They are rated as a HIGH risk, but 
> reference servers
> in their remarks for corrective action. I was curious if 
> anyone knew if
> this was indeed a HIGH risk in regards to printers and if so 
> does anyone
> have a link they could share about any exploits that may take 
> advantage
> of this?
> 
>  
> 
> Thanks,
> 
> Aaron
> 
> _______________________________________________
> Intrusions mailing list
> Intrusions at lists.sans.org
> http://www.dshield.org/mailman/listinfo/intrusions
>