Jetadmin

CVEs (5)

CVE	Risk	CVSS	EPSS	Published	Description
CVE-2000-0444	0.03	—	0.05	May 24, 2000	HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000.
CVE-2000-0443	0.03	—	0.04	May 24, 2000	The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-1999-1433	0.03	—	0.01	Jul 15, 1998	HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file.
CVE-2001-1040	0.00	—	0.01	Aug 31, 2001	HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password.
CVE-2001-1039	0.00	—	0.01	Aug 31, 2001	The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.

CVE-2000-0444May 24, 2000
risk 0.03cvss —epss 0.05
HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000.
CVE-2000-0443May 24, 2000
risk 0.03cvss —epss 0.04
The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-1999-1433Jul 15, 1998
risk 0.03cvss —epss 0.01
HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file.
CVE-2001-1040Aug 31, 2001
risk 0.00cvss —epss 0.01
HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password.
CVE-2001-1039Aug 31, 2001
risk 0.00cvss —epss 0.01
The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.