Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Subject: HP Jetdirect - Invalid FTP Command DoS
From: Peter Grundl (peter.grundlVIGILANTE.COM)
Date: Wed Jul 19 2000 - 04:37:31 CDT
- Next message: Per Hoff: "Re: CheckPoint FW1 BUG"
- Previous message: Benjamin Smee: "Re: CheckPoint FW1 BUG"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
HP Jetdirect - Invalid FTP Command DoS
Advisory Code: VIGILANTE-2000004
July 19, 2000
HP Jetdirect printers using firmware versions:
Older firmware versions, prior to G.08.20 and H.08.20, are probably
If you connect to the ftp service on your HP printer and send it the
following string: quote AAAAAAAAAAA <cr>
The printer crashes. It may require that you turn the power off and
on again to get the printer to work again. The display will show an
error message similar to this: 86:0003 (the bit after the colon seems
to vary a bit, we've also gotten :0004, :000B)
"Thank you for contacting Hewlett-Packard's Customer Care Technical
A fix for this issue is being implemented in the next firmware revision
for HP JetDirect print servers. The release date for this firmware
revision is yet unknown. I assure you that the issue has been
acknowledged and will be fixed in the near future. I appreciate your
help in bringing this matter to our attention and your patience as we
work to correct the issue.
Once again, thank you for contacting Hewlett-Packard's Customer Care
Initially reported on the 25th of May this year. No fix available,
see vendor status. You can apply the following workaround until a fix
To disable FTP through telnet, type the following command sequence:
1. ftp-config: 0.
2. Press Quit.
To enable FTP, type the following command sequence:
1. ftp-config: 1.
For those who wish to disable FTP through SNMP, there is an SNMP
By default, it returns a "1" for enabled.
Copyright VIGILANTe 2000-07-15
The information within this document may change without notice. Use of
this information constitutes acceptance for use in an AS IS
condition. There are NO warranties with regard to this information.
In no event shall the author be liable for any consequences whatsoever
arising out of or in connection with the use or spread of this
information. Any use of this information lays within the user's
Please send suggestions, updates, and comments to: