vulnerabilities of postscript printers

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: vulnerabilities of postscript printers
From: Bob Kryger <bobk@xxxxxxxxx>
Date: Thu, 22 Jan 2004 13:45:59 -0500
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Organization: 2624385767
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6a) Gecko/20031030

During one of our security reviews the following situation wasuncovered. What are your thoughts?

Suppose a postscript printer has multiple interfaces connected todifferent networks, is there a way to leverage PostScript to create avulnerability such as.

1. Allow an attacker log in to the printer and then gain access to theother network?2. Create a postscipt program to send copies of printouts to one of theinterfaces?3. What if one of the interfaces is a JetDirect connected via a parallelport?

It has been suggested that PostScript is very powerful and can be usedto accomplish a number of general purpose computing tasks includingcopying data from one port to another and examining memory. Since theparallel interface is bidirectional what is keeping data from being sendfrom the printer to the network, breaching security.

My preliminary web searches do not reveal much in the way of postscriptprinter vulnerabilities.


Thanks
Bob

Follow-Ups:
- Re: vulnerabilities of postscript printers
  - From: der Mouse
- Re: vulnerabilities of postscript printers
  - From: Darren Reed

Prev by Date: Major hack attack on the U.S. Senate
Next by Date: Re: Hijacking Apache 2 via mod_perl
Previous by thread: RE: Major hack attack on the U.S. Senate
Next by thread: Re: vulnerabilities of postscript printers
Index(es):
- Date
- Thread