Wednesday, February 11, 2009

Hackers can reach to your printer

Hacking is not only about computers. This week, HP has alerted owners of its LaserJet printers of a vulnerability that could lead to unauthorized access of files stored on those printers.

In its security bulletin, HP said 13 different models were affected by the flaw, and said owners should download and apply a firmware patch as soon as possible.

According to a listing on the Common Vulnerabilities and Exposures website, the problem is a “directory traversal vulnerability in the HP JetDirect web administration interface”.

Printers are not often thought of as a security risk, but with many now featuring hard disks on which potentially sensitive data could be stored, it makes sense to ensure they are secure.

“Printers tend to be low on the priority list of systems or devices to be patched, this one will likely linger for years to come,” said analyst Adrien de Beaupre of the Internet Storm Center.

“The impact might not seem severe, as in the attacker can view the printer configuration, however viewing cached versions of printed documents can be. Other than patching, disallowing access to the web admin interface is likely the only other mitigation.”

Source: www.itpro.co.uk

Key words: hackers, printers, danger

No comments: