SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Welcome to SecurityTracker!
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Device (Printer)  >  LaserWriter Printers Vendors:  Apple Computer
Apple LaserWriter 12/640 PS Printer Default Configuration Allows Remote Users to Access the Telnet Management Port
SecurityTracker Alert ID:  1005488
CVE Reference:  GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Oct 26 2002
Impact:  User access via network
Exploit Included:  Yes  
Advisory:  UkR Security Team
Description:  A default configuration vulnerability was reported in the Apple LaserWriter 12/640 PS printer. A remote user can access the printer's management port.

UkR Security Team reported that the default configuration of the printer does not protect the telnet management port with a password. A remote user can access the device to monitor printer activity or cause denial of service conditions.
Impact:  In the default configuration, a remote user can access the telnet management port.
Solution:  Users can manually set a password after the setup process has been completed.
Vendor URL:  www.apple.com/ (Links to External Site)
Cause:  Configuration error
Reported By:  "UkR security team" <cuctema@ok.ru>
Message History:   None.

 Source Message Contents
Date:  Sat, 26 Oct 2002 08:52:32 +0400
From:  "UkR security team" <cuctema@ok.ru>
Subject:  TCP/IP Printer Configuration Utility for Apple.LaserWriter

 

Release Date:  October 26, 2002
Product     :  TCP/IP Printer Configuration Utility for 
Apple.LaserWriter 12/640 PS
Vendor      :  Apple Computer, Inc. (http://www.apple.com)
Remote      :  Yes
Author      :  UkR-XblP (cuctema@ok.ru)/ UkR security team 
 

About :
TCP/IP Printer Configuration Utility is the installation 
and management software for 
Apple.LaserWriter 12/640 PS printer.

Overview:
Device do not set a password for telnet access.  As a 
result, the telnet port will be
left exposed to unrestricted remote access. Remote users 
with malicious intent will
be able to access the device to cause a denial of service, 
or potentially monitor
printer activity to gather information that may be used to 
compromise systems. 


Solution:
Set the telnet password manually after setup printer.
---
Professional hosting for everyone - http://www.host.ru


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2002, SecurityGlobal.net LLC