LPRng or JetDirect vulnerability
Posted: 2001-04-05 06:22:20 Expiration: 2001-04-05 06:22:20
A number of reports of HP laser printers spitting out garbage output pages were verified by BadgIRT. If a customer wants DOIT's help resolving the issue, escalate the case to USS. See doc 382 for handling info.
BadgIRT is aware of an issue in which hackers on the Internet may be
scanning the UW-Madison networks looking for vulnerable
computers. Specifically, hackers may be scanning for the LPRng bug, in
part, found linux RedHat 7.0 boxes
(http://www.cert.org/advisories/CA-2000-22.html).
This scanning has the side effect of causing some printers with tcpip
stacks to produce garbage output sometimes causing a large volume of blank
pages. The output typically contains one line of text, maybe containing
the words "security".
If assistance is needed in locking down the printers, please contact the
DoIT Delp Desk.
-- Jeff Savoy