Linked by Howard Fosdick on Sat 31st Dec 2011 07:57 UTC
Bugs & Viruses Columbia University researchers claim millions of HP printers could be open to remote attack via unsecured Remote Firmware Updates. Cybercriminals could steal personal information or attack otherwise secure networks. HP agrees there is a theoretical security problem but says no customer has ever reported unauthorized printer access. The company denies some of the claims and is still investigating others.
Permalink for comment 501775
To read all comments associated with this story, please click here.
PJL Issues
by Gestahlt on Sat 31st Dec 2011 14:36 UTC
Member since:

We at our company do a lot of security on HP devices. We had a few customers suffering from HP Printer exploits. Mostly they were misused as fileservers which can easily exploided by PJL. Older MFPs were suffering most of it since they also had a relatively large HDD (40-80GB).

The PJL exploits are also rather easy to do, and you cant really say its an exploid since its pretty well documented how you upload files and execute commands (except for the ASCIIHEX commands where you can do Printer internal stuff like engine commands, resetting counters and so on)

The first thing you should do is to disable PJL command execution. There are rarely cases you ever need that. There is 3rd Party software that relies on PJL to count printed pages or tray selection but then again you have to tell the devs that they should please refrain from using PJL and using SNMP and PCL instead.

Also this is not an HP only issue. There are a lot of other devices where you can do this kind of exploiting and executing code. Certain Beamers for an instance or also some cheap NAS devices (which can actually be more dangerous since you often have a full Linux shell beneath it). Without proper network security you are at your own fault anyway.

Reply Score: 4