[NEWS] Zero One Tech (ZOT) P100s PrintServer and SNMP

From: support@securiteam.com
Date: 03/02/02 

From: support@securiteam.com
To: list@securiteam.com
Date: Sat,  2 Mar 2002 20:05:56 +0100 (CET)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  Zero One Tech (ZOT) P100s PrintServer and SNMP
------------------------------------------------------------------------

SUMMARY

The <http://www.zot.com.tw/product/zotp100s.htm> ZOT P100s is a hardware
PrintServer device allowing sharing of a parallel printer on a standard
UTP network.

It has embedded telnet, HTTP (among others) and provides information via
SNMP with default community read string. A security vulnerability in the
product allows attackers to access the device even after the administrator
of the box has taken measures to replace the default SNMP community string
and has disabled the SNMP interface.

DETAILS

After connecting to the device and disabling SNMP, and setting the public
string to non-standard, it appears that the device is still accessible.

You can verify this with SNMPWALK - which enumerates a lot of useful
information.

ADDITIONAL INFORMATION

The information has been provided by
<mailto:security@esales.iinet.net.au> Clinton Smith.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Relevant Pages

  • Security Vulnerabilities in SNMP (rev.16)
    ... Security Vulnerabilities in SNMP ... The information in the following Security Bulletin should be acted ... Vulnerabilities in SNMP request and trap handling. ...
    (comp.security.misc)
  • Security Vulnerabilities in SNMP (rev.16)
    ... Security Vulnerabilities in SNMP ... The information in the following Security Bulletin should be acted ... Vulnerabilities in SNMP request and trap handling. ...
    (comp.security.unix)
  • [UNIX] Remote Buffer Overflow Vulnerability in IRIX SNMP Daemon
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... in the SNMP daemon in the SGI IRIX ... The SNMP daemon is enabled by default on the IRIX operating system and is ...
    (Securiteam)
  • [NEWS] D-Link DWL-1000AP can be Compromised Due to Insecure SNMP Configuration
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... allows an attacker to gain the administrative password using a simple SNMP ... A MIB walk using the read-only SNMP community of 'public' (default ... read-only community for most devices) can allow an attacker access to the ...
    (Securiteam)
  • [EXPL] HP LaserJet Network Username and Information Enumeration
    ... Get your security news from a reliable source. ... HP LaserJet printers has an extensive administrative user interface ... provided over SNMP. ... HP LaserJet stores network information from document print requests, ...
    (Securiteam)
Quantcast