Thinking OPEN

Posts Tagged ‘color_laserjet’

Color Laserjet 20081211_46.211.2 and prior [Medium]

By Security Team • Mar 18th, 2009 • Category: Security Notifications

Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config….

CVE Identifier: CVE-2009-0940
Vulnerability Type(s):
Severity: Medium


Color Laserjet 20081211_46.211.2 and prior [High]

By Security Team • Mar 18th, 2009 • Category: Security Notifications

The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access….

CVE Identifier: CVE-2009-0941
Vulnerability Type(s):
Severity: High


Color Laserjet 20081211_46.211.2 and prior [Medium]

By Security Team • Mar 18th, 2009 • Category: Security Notifications

Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config….

CVE Identifier: CVE-2009-0940
Vulnerability Type(s):
Severity: Medium


Color Laserjet 20081211_46.211.2 and prior [High]

By Security Team • Mar 18th, 2009 • Category: Security Notifications

The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access….

CVE Identifier: CVE-2009-0941
Vulnerability Type(s):
Severity: High


Color Laserjet 20081211_46.211.2 and prior [Medium]

By Security Team • Mar 18th, 2009 • Category: Security Notifications

Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config….

CVE Identifier: CVE-2009-0940
Vulnerability Type(s):
Severity: Medium


Color Laserjet 20081211_46.211.2 and prior [High]

By Security Team • Mar 18th, 2009 • Category: Security Notifications

The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access….

CVE Identifier: CVE-2009-0941
Vulnerability Type(s):
Severity: High


Color Laserjet 20081211_46.211.2 and prior [Medium]

By Security Team • Mar 18th, 2009 • Category: Security Notifications

Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config….

CVE Identifier: CVE-2009-0940
Vulnerability Type(s):
Severity: Medium


Color Laserjet 20081211_46.211.2 and prior [High]

By Security Team • Mar 18th, 2009 • Category: Security Notifications

The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access….

CVE Identifier: CVE-2009-0941
Vulnerability Type(s):
Severity: High


Color Laserjet 20081211_46.211.2 and prior [Medium]

By Security Team • Mar 18th, 2009 • Category: Security Notifications

Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config….

CVE Identifier: CVE-2009-0940
Vulnerability Type(s):
Severity: Medium


Color Laserjet 20081211_46.211.2 and prior [High]

By Security Team • Mar 18th, 2009 • Category: Security Notifications

The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access….

CVE Identifier: CVE-2009-0941
Vulnerability Type(s):
Severity: High


« Older Entries