[Dshield] Known instances of malware using printers as an attack vector?
thegesus at gmail.com
Wed Feb 28 16:06:52 GMT 2007
This ftp printer attack sounds interesting....
According to the author it can make certain HP printers unusable. As
in DEAD. Not even a power cycle revives them. I never heard a
followup on that one.
If you have a Big Ass Xerox Printer printing your payroll/bills/etc,
chances are it has a Sun box attached to it that has never seen a
nmap can often use a printer for an Idlescan...
Although it doesn't involve printers directly, there was also lately
an HP print driver that offers near-instant privilege escalation to
We found it on over 170 workstations and 20 servers (in a 4000 user
On 2/27/07, ed.truitt at etee2k.net <ed.truitt at etee2k.net> wrote:
> I have been asked to look into whether our network printers present a
> level of risk to the network that is higher than has been the case in
> previous years. In order to answer that question, I was wondering if
> anyone has solid evidence of the following:
> * Malware (of whatever type) that actually attacks printers, or uses a
> vulnerability found on a network printer to propogate
> * An increase in vendor disclosures of vulnerabilities in their
> printing products, and specifically an increase in the number of
> security fixes (patches) issued for printer-related vulnerabilities
> TIA for any assistance you can provide.
> ~Ed T.
> SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
> taught by our top rated instructors plus a huge vendor tools expo.
> Register Today! http://www.sans.org/info/2501 (BROCHURECODE: ISC)
More information about the list