Jetdirect
by Microfocus
CVEs (12)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1048 | 0.04 | — | 0.14 | Oct 4, 2002 | HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0. | |||
| CVE-2009-2684 | 0.03 | — | 0.02 | Oct 13, 2009 | Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL… | |||
| CVE-2007-1772 | 0.03 | — | 0.03 | Mar 30, 2007 | The FTP service in HP JetDirect print servers allows remote attackers to cause a denial of service (engine crash) via a RETR command with a long pathname. | |||
| CVE-2000-0636 | 0.03 | — | 0.04 | Jul 19, 2000 | HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a denial of service via a malformed FTP quote command. | |||
| CVE-2007-0358 | 0.00 | — | 0.03 | Jan 19, 2007 | Unspecified vulnerability in the FTP server implementation in HP Jetdirect firmware x.20.nn through x.24.nn allows remote attackers to cause a denial of service via unknown vectors. | |||
| CVE-2001-1040 | 0.00 | — | 0.02 | Aug 31, 2001 | HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password. | |||
| CVE-2000-1064 | 0.00 | — | 0.03 | Dec 11, 2000 | Buffer overflow in the LPD service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service. | |||
| CVE-2000-1065 | 0.00 | — | 0.03 | Dec 11, 2000 | Vulnerability in IP implementation of HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service (printer crash) via a malformed packet. | |||
| CVE-2000-1062 | 0.00 | — | 0.03 | Dec 11, 2000 | Buffer overflow in the FTP service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service. | |||
| CVE-2000-1063 | 0.00 | — | 0.03 | Dec 11, 2000 | Buffer overflow in the Telnet service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service. | |||
| CVE-1999-1062 | 0.00 | — | 0.02 | Oct 4, 1997 | HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100. | |||
| CVE-1999-1061 | 0.00 | — | 0.04 | Oct 4, 1997 | HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging. |
- CVE-2002-1048Oct 4, 2002risk 0.04cvss —epss 0.14
HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0.
- CVE-2009-2684Oct 13, 2009risk 0.03cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL…
- CVE-2007-1772Mar 30, 2007risk 0.03cvss —epss 0.03
The FTP service in HP JetDirect print servers allows remote attackers to cause a denial of service (engine crash) via a RETR command with a long pathname.
- CVE-2000-0636Jul 19, 2000risk 0.03cvss —epss 0.04
HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a denial of service via a malformed FTP quote command.
- CVE-2007-0358Jan 19, 2007risk 0.00cvss —epss 0.03
Unspecified vulnerability in the FTP server implementation in HP Jetdirect firmware x.20.nn through x.24.nn allows remote attackers to cause a denial of service via unknown vectors.
- CVE-2001-1040Aug 31, 2001risk 0.00cvss —epss 0.02
HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password.
- CVE-2000-1064Dec 11, 2000risk 0.00cvss —epss 0.03
Buffer overflow in the LPD service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.
- CVE-2000-1065Dec 11, 2000risk 0.00cvss —epss 0.03
Vulnerability in IP implementation of HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service (printer crash) via a malformed packet.
- CVE-2000-1062Dec 11, 2000risk 0.00cvss —epss 0.03
Buffer overflow in the FTP service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.
- CVE-2000-1063Dec 11, 2000risk 0.00cvss —epss 0.03
Buffer overflow in the Telnet service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.
- CVE-1999-1062Oct 4, 1997risk 0.00cvss —epss 0.02
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100.
- CVE-1999-1061Oct 4, 1997risk 0.00cvss —epss 0.04
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging.