You are here: silicon.com > Software > Malware

Malware

HP printer software warning

Flaw could be a route into Windows-based computers

Tags: printers, printer

Printer Friendly Email Story RSS

By Joris Evers

Published: 6 April 2006 08:05 GMT

A security flaw in software that ships with two Hewlett-Packard Color LaserJet printers could open a door for cybersnoops, HP has warned.

The vulnerability lies in the Toolbox software that comes with HP's Color LaserJet 2500 and 4600 printers, the company said. The flaw could allow a remote, unauthorised malicious user to retrieve arbitrary files from a Windows computer when the software is running in the default configuration, HP said in a security alert published on Sunday.

The Toolbox is software that installs on a PC along with the drivers. It uses a simple web browser interface for access to printer status information, troubleshooting tips and demos, and an alerts feature.

HP has made HP Color LaserJet 2500/4600 Software Update version 3.1 available to resolve the security issue, it said. Security monitoring company Secunia rates the issue "less critical". The flaw is caused by an input validation error in the web server that's part of the software, according to a Secunia alert, published on Wednesday.

Discovery of the flaw is credited by HP and Secunia to Richard Horsman of Sec-1.com.

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Related Links

HP aims to reclaim top spot for laptops

Dell to debut its first printers

HP forger arrested in China

Being 'green': Practical, possible... and profitable?

CIOs told to wise up to printing... of all things

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business

Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business

Second iPhone worm: A botnet risk

Phishers set their sights on corporate accounts

Tax-refund phishing scams hit an all-time high

First critical Windows 7 patches released

Online fraudsters enlist Trojans to run off with your money


  • Jobs
Warehouse/Distribution Manager

Tactful & diplomatic * Co-operative * Tenacious and resilient * Persuasive * Flexible Repaired Product includes – printers, retail product ...

Project Manager ITO in UK

Performs other duties/projects as assigned.Requirements: Degree in the field Bachelor's Degree, Post Graduate Diploma or Professional Degree in ...

Software Quality Engineer

You will approve and provide input into software project deliverables and create validation documents (Test Plans/Procedures, Validation reports) and ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

CEO Dashboard Management: Why Creating Visual Reports You Can't Hide From Will Help...

Virtual Private Servers (VPS)

Looking for a fast payback? 10 Minutes with Free Tool Can Save Thousands

The Truth About Wasteful Spending on Software: How to Stop Giving Your Software Vendors...

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


eBay app lets users bid from a BlackBerry

ID card database: 500 names added in first month

Women in IT: Tech has an image problem

Tesco Mobile to get a taste of Apple's iPhone

Marketing chiefs: Are you spamming your customers?

IT skills shortage squashed by recession?




Quick Sitemap Links: