HP JetDirect Internal Webserver Long URL DoS Vulnerability

The JetDirect J3111A module is used to connect many models of HP printers to a network. It includes a bult-in webserver for remote printer administration. This server is vulnerable due to an overflowable buffer in the code that handles incoming URLs. If a URL longer than 256 characters is requested the printer will crash.

This problem seems to be dependent on firmware revision. If you know of a firmware revision that has been tested with regards to this vulnerability, please email vuldb@securityfocus.com .


Privacy Statement
Copyright 2010, SecurityFocus