CVE-2001-1039

Description

The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.

Affected products

• HP / jetadmin4.0 – 4.0
• HP / jetadmin4.1.2 – 4.1.2
• HP / jetadmin5.1 – 5.1
• HP / jetadmin5.5 – 5.5
• HP / jetadmin5.5.177 – 5.5.177
• HP / jetadmin5.6 – 5.6
• HP / jetadmin6.0 – 6.0
• HP / jetadmin6.1 – 6.1
• HP / jetadmin6.2 – 6.2

References

• MISChttp://www.securityfocus.com/bid/3132
• MISChttp://www.securityfocus.com/archive/1/201160