[Pauldotcom] HP9000 multifunction devices hooked into AD
k41zen
k41zen at live.co.uk
Wed Nov 4 20:32:42 UTC 2009
Considering what the supplier has implemented so far, I'm guessing its
bad and then some.
Thanks all for the heads up.
On 4 Nov 2009, at 13:10, Bob Patterson wrote:
> You would be correct sir.
>
> From: Bradley McMahon
> Sent: Tuesday, November 03, 2009 7:42 AM
> To: PaulDotCom Security Weekly Mailing List
> Subject: Re: [Pauldotcom] HP9000 multifunction devices hooked into AD
>
>
> I suggest preforming a port scan on one of the devices and see what
> is running my guess is telnet is wide open with no password and SNMP
> is enabled by default.
>
> -Brad
>
>
>
> On Tue, Nov 3, 2009 at 7:55 AM, k41zen <k41zen at live.co.uk> wrote:
> So a client has purchased several HP9040 multifunction devices (MFP)
> to allow them to use the scanning feature so that they can scan a doc
> and have it email the result to them.
>
> From the limited documentation provided, several areas of interest
> jump out such as:
>
> Securely stores usernames and email addresses with an LDAP
> sync from AD
> Authenticates the user to AD at the printer panel
> Scan a document and have it automatically emailed to you
> Scan a document and have it automatically saved to your home
> drive
>
> I get to play with this later this week but wondered if someone has
> already looked into what fun can be had with these devices.
>
> Grateful for any info.
>
> Regards,
>
> k41zen
>
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091104/5ab29e80/attachment.htm
More information about the Pauldotcom
mailing list