In association with heise online

06 February 2009, 17:01

HP LaserJets vulnerable to remote file access

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

HP have released a security bulletin which alerts users of certain HP LaserJet printers, Color LaserJet and Digital Senders that the devices have a potential vulnerability that could allow unauthorised access to files in the printer. The affected devices include the HP LaserJet 2410, 2420, 2430, 4250, 9040, 9050, 4345mfp, 9040mfp, 9050mfp, the HP Color Laserjet 4730mfp and 9500mfp and the HP Digital Sender 9200C. Fixed firmware is now available from HP, who advise that the bulletin should be acted on as soon as possible.

The problem was reported in October 2008 and involves a potential attacker being able to gain read-only access to files outside the web administration system's root directory. This in turn could expose configuration files or cached documents.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit