Posted to Bugtraq on October 10, 2000 by Peter Grundl <email@example.com> and publicized in a VIGILANTe Security Advisory (2000014).
HP JetDirect x.08.20
HP JetDirect x.08.05
HP JetDirect x.08.04
The FTP, Telnet, and LPD components of HP JetDirect firmware are susceptible to multiple buffer overflow vulnerabilities. In addition, the IP implementation in JetDirect does not properly handle certain malformed packets. Depending on the vulnerability, successful exploitation could lead to a denial of service attack against the JetDirect or destruction of the firmware.
Firmware replacement is required in order to return the JetDirect card to normal operations.
It has been reported that CodeRed may exploit this vulnerability.
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org.
HP has released a new version of firmware that is not affected by these vulnerabilities: