Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: kim0 (kim0_at_phenoelit.de)
Date: Sat Jul 27 2002 - 05:05:11 CDT
-- kim0 <kim0phenoelit.de> Phenoelit (http://www.phenoelit.de) 90C0 969C EC71 01DC 36A0 FBEF 2D72 33C0 77FC CD42
Phenoelit Advisory <wir-haben-auch-mal-was-gefunden #0815 +--+>
[ Authors ] FX <fxphenoelit.de> kim0 <kim0phenoelit.de>
[ Affected Products ] SEH GmbH IC9 Pocket Print Server
Tested on SEH IC9 (Firmware 7.1.30 and 7.1.36f)
SEH Bug ID: Not assigned
[ Vendor communication ] 06/29/02 Initial Notification, supportseh.de *Note-Initial notification includes a cc to certcert.org 06/29/02 Auto-Responder reply from SEH 07/01/02 Human ack. from SEH, denial that problem exists along with new firmware version 07/01/01 Despite fact that phenoelit is not a software test-lab, we confirmed that problem exists in new firmware as well and passed info to vendor 07/19/02 Notification of intent to post publically in apx. 7 days.
[ Overview ] The IC9 Pocket Print Server is a small pocket sized network interface for printers. [ Description ] By sending an oversized administrative password using the web-interface, an attacker can cause the print server device to reboot itself (and reset the printer attached).
[ Example ] Enter a password for the administrator that is 300 characters or more and <click> the button.
[ Solution ] None known at this time.
[ end of file ]