Overview
The HP Photosmart B210 printer utilizes an SMB server for managing the print queue. An invalid SMB packet may cause a denial of service condition, requiring the printer to be restarted.
Description
Fuzzing the first 296 bytes of an SMB packet may in some cases cause a denial of service condition on the HP Photosmart B210 printer. This is a persistent denial of service that requires the printer to be manually restarted to resume normal operations. HP has released the following statement:
"HP's recommendation for existing models affected by this attack is to power cycle the device to return it to a working state. HP continually works to improve security and is taking steps to ensure current and future products are not susceptible to this attack."
The underlying cause of the crash remains unclear.
Impact
An unauthenticated user on the same network as the printer may be able to cause a persistent denial of service, requiring the printer to be restarted to regain functionality.
Solution
The CERT/CC is currently unaware of a full solution to this problem. However, the following advice may be useful.
Power cycle the printer
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | 6.1 | AV:A/AC:L/Au:N/C:N/I:N/A:C |
Temporal | 5.8 | E:F/RL:U/RC:C |
Environmental | 4.4 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
Acknowledgements
Thanks to Avery Raaymakers for reporting this vulnerability.
This document was written by Garret Wassermann.
Other Information
CVE IDs: None
Date Public: 2015-10-21
Date First Published: 2015-10-21
Date Last Updated: 2015-10-21 20:09 UTC
Document Revision: 27