HP LaserJet 4200/4300打印机任意固件升级漏洞

漏洞信息详情

HP LaserJet 4200/4300打印机任意固件升级漏洞

• CNNVD编号：CNNVD-200412-1157
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2004-2439
  
• 漏洞类型：
  
  
  访问验证错误
  
• 发布时间：
  
  2004-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  hp
• 漏洞来源：
  Serguei Patchkovsk…

HP LaserJet 4200和4300打印机的远程升级功能不需要密码。远程攻击者可以升级固件。

HP has released advisory SSRT4840 along with a solution dealing with this issue. For more information on applying the solution please see the referenced vendor advisory. It should be noted that the advisory in question is accessible by registered members only.

来源: XF
名称: hp-laserjet-firmware-upgrade(17634)
链接:http://xforce.iss.net/xforce/xfdb/17634

来源: BID
名称: 11297
链接:http://www.securityfocus.com/bid/11297

来源: SECTRACK
名称: 1011671
链接:http://securitytracker.com/id?1011671

来源: HP
名称: SSRT4840
链接:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_HPSBPI01085