Popular print server software used by many manufacturers is vulnerable to attacks that can bypass authentication processes, change data recording printer use and cause hardware to crash. Sebastián Guerrero, a researcher with viaForensics, found the flaw in Hewlett-Packard’s JetDirect software, which is embedded in printers of manufacturers such as Canon, Fujitsu, Xerox, Lexmark, HP and more. Guerrero told ITWorld he had confirmed the vulnerability on HP DesignJet printers and some Ricoh models.
According to Guerrero, the JetDirect protocol allows an attacker to inject additional information in the form of tags into a print request. An outside party can add universal exit language (UEL) tags, which note the beginning and end of data streams; printer job language (PJL) tags, which tell the printer what actions to take; and printer control language (PCL) tags, which are used to format pages and can be used to exploit vulnerabilities in most parsers.
“As you may have guessed, by infusing tags parsed and used by interpreters of PCL / PJL, an attacker could trigger persistent denial of service affecting a large percentage of models and manufacturers,” Guerrero wrote in a translated post on viaForensics’ blog.
Although printers may not seem like an obvious source of danger in computing infrastructure, this attack vector could cause a number of disruptions, Guerrero noted. If an attacker had access to print queue records, he or she might be able to reprint encrypted documents, thus unencrypting them. Alternately, an attacker could majorly inconvenience an enterprise by bringing down its printers with a denial-of-service (DoS) attack. The attraction of printers as a target for hackers is also rising as new, multifunction devices come equipped with hard drives for storing scanned images or copied pages.
One of the vulnerabilities identified by Guerrero allowed an attacker to bypass the biometric or RFID authentication mechanisms used by many modern office printers to limit access or control print queues, while two others could be used to render the printers unusable. A final vulnerability would allow an attacker to modify user print totals.
This vulnerability follows a 2011 discovery by researchers at Columbia, in which a remote attacker could rewrite a printer’s firmware, potentially allowing unauthorized printing or enabling a code execution that could cause the device to short circuit and catch fire, MSNBC reported at the time. The flaw led to a class action lawsuit being filed against HP.
To mitigate the chance of such embedded software problems occurring, developers can strengthen software security in the development process. Using tools such as static analysis software, coders can scan for errors such as injection flaws and catch potential security issues before they arise.
Software news brought to you by Klocwork Inc., dedicated to helping software developers create better code with every keystroke.