HP JetDirect J3111A - Invalid FTP Command Denial of Service

EDB-ID:

20090


Type:

dos


Platform:

Hardware

Date:

2000-07-19


source: https://www.securityfocus.com/bid/1491/info

HP JetDirect firmware is vulnerable to a Denial of Service attack. JetDirect devices have an FTP service which fails to properly handle bad FTP commands sent with the ftp "quote" command. This causes the device to stop responding and possibly display an error message. Powering the device off and on is required to regain normal functionality. 

ftp <printer address>
quote AAAAAAAAAAA