Vulnerabilities > CVE-2001-1039 - Unspecified vulnerability in HP Jetadmin

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

NVD

Published: 2001-08-31

Updated: 2008-09-05

Summary

The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.

Vulnerable Configurations

Part	Description	Count
Application	Hp HP Jetadmin 4.0 HP Jetadmin 4.1.2 HP Jetadmin 5.1 HP Jetadmin 5.5 HP Jetadmin 5.5.177 HP Jetadmin 5.6 HP Jetadmin 6.0 HP Jetadmin 6.1 HP Jetadmin 6.2	9

References

http://www.securityfocus.com/archive/1/201160
http://www.securityfocus.com/bid/3132