Xerox patches critical hole in multifunction printers
Printer exploits are often not taken seriously; this case illustrates why they should be. An attacker could not only change the device's configuration but also retrieve documents that were printed or copied from the device's memory, which may well include confidential information, a particular risk in corporate environments.
According to the vendor's report, the problem is caused by a buffer overflow in Samba, the open-source SMB file server that is part of the devices' embedded software. Specially crafted packets can be used to inject and execute arbitrary code. Since the flaw is reachable over the network, the device firmware should be updated; where that cannot happen immediately, the usual mitigation (general practice, not something the report prescribes) is to block SMB, TCP ports 139 and 445, to the printer from untrusted network segments, or to disable the file-sharing service if the workflow does not depend on it.
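The following is an added illustration of the bug class the report names, a length field taken from the network and used to copy into a fixed-size buffer; it is constructed for this page and is neither Samba's code nor the Xerox firmware. The record layout (a one-byte declared length followed by name bytes), the NAME_MAX size and the function names are all hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed example: the bug class described above (attacker-controlled
 * length copied into a fixed buffer). Hypothetical record layout:
 *   byte 0     : declared length of the name that follows
 *   bytes 1..n : name bytes (not NUL-terminated on the wire)               */

#define NAME_MAX 16

struct name_record {
    char name[NAME_MAX];
    int  len;
};

/* Vulnerable parser: checks the declared length only against the packet
 * size, never against NAME_MAX, so a packet declaring 64 bytes overruns
 * rec->name and clobbers whatever sits after it (a stack buffer overflow). */
int parse_name_vulnerable(const uint8_t *pkt, size_t pkt_len, struct name_record *rec)
{
    if (pkt_len < 1)
        return -1;
    size_t declared = pkt[0];
    if (pkt_len < 1 + declared)            /* truncated packet */
        return -1;
    memcpy(rec->name, pkt + 1, declared);   /* missing: declared < NAME_MAX */
    rec->len = (int)declared;
    return 0;
}

/* Hardened parser: the declared length is bounded by the destination before
 * anything is copied, and the result is NUL-terminated. */
int parse_name_hardened(const uint8_t *pkt, size_t pkt_len, struct name_record *rec)
{
    if (pkt_len < 1)
        return -1;
    size_t declared = pkt[0];
    if (declared >= NAME_MAX)              /* would not fit with terminator */
        return -2;
    if (pkt_len < 1 + declared)            /* truncated packet */
        return -1;
    memcpy(rec->name, pkt + 1, declared);
    rec->name[declared] = '\0';
    rec->len = (int)declared;
    return 0;
}

/* Returns 1 if the packet's declared length would overrun a NAME_MAX buffer,
 * i.e. exactly the condition the vulnerable parser never checks. */
int would_overflow(const uint8_t *pkt, size_t pkt_len)
{
    return pkt_len >= 1 && (size_t)pkt[0] >= NAME_MAX;
}

/* Builds a constructed packet declaring `declared` bytes filled with `fill`.
 * Returns the packet length, or 0 if buf cannot hold it. */
size_t build_packet(uint8_t *buf, size_t buf_len, uint8_t declared, uint8_t fill)
{
    if (buf_len < 1 + (size_t)declared)
        return 0;
    buf[0] = declared;
    memset(buf + 1, fill, declared);
    return 1 + (size_t)declared;
}

int main(void)
{
    uint8_t buf[300];
    struct name_record rec;

    size_t n = build_packet(buf, sizeof buf, 7, 'p');   /* benign: 7-byte name */
    printf("benign  : hardened=%d would_overflow=%d name=%s\n",
           parse_name_hardened(buf, n, &rec), would_overflow(buf, n), rec.name);

    n = build_packet(buf, sizeof buf, 64, 'A');         /* crafted: declares 64 */
    printf("crafted : hardened=%d would_overflow=%d\n",
           parse_name_hardened(buf, n, &rec), would_overflow(buf, n));
    /* parse_name_vulnerable(buf, n, &rec) here would write 64 bytes into a
     * 16-byte buffer; deliberately not executed. */
    return 0;
}
```

The hardened variant rejects the crafted packet before touching memory; the vulnerable variant would happily copy 64 bytes into a 16-byte stack buffer, which is the shape of bug that turns "specially crafted packets" into code execution.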
The security of corporate printers and copiers has been a known issue for quite some time, and such devices are therefore evaluated under the Common Criteria Recognition Arrangement. Among others, the IEEE's P2600 Hardcopy Device and System Security group has looked into the subject and developed dedicated protection profiles for printers, and Xerox has had many of its printers evaluated against such profiles. However, the current problem shows once again that even an EAL certificate is no guarantee of the absence of security holes: the evaluation certifies the evaluated configuration against the claims in its security target, and it does not prove a bundled component such as Samba free of memory-safety bugs.