|
Bugtraq
mailing list archives
RE: Promiscuous email printing in Canon imageRunner
From: "Eric McCarty" <eric () lawmpd com>
Date: Wed, 29 Sep 2004 10:10:10 -0700
You think that's bad?, HP Laserjet 4000's, 4100's, 4200's and others
accept any print job you FTP to them, and its anonymous ftp so anyone
can ftp in and send over a print job using the PUT command. This is
nothing new and has been long reported however.
The trick would be finding a way to upload files to the onboard printer
memory and keep them there, 64mb of space to hide a tarball or zip of
utils would defintely be nice on campus networks.
Eric
-----Original Message-----
From: Matthew E. Lauterbach [mailto:mlauterbach () mail wtamu edu]
Sent: Monday, September 27, 2004 2:02 AM
To: bugtraq () securityfocus com
Subject: RE: Promiscuous email printing in Canon imageRunner
On Thursday, September 23, 2004 5:44 PM Andrew Daviel wrote:
The Canon iR5000i digital printer (and probably other imageRunner
models) has a somewhat undocumented print-from-email feature.
Any text/plain email sent to port 25 on the device will be printed.
The MAIL FROM and RCPT TO values are not authenticated or even checked
for syntax.
The Canon iR85 does not seem to have this "feature". Doing "telnet
10.0.0.1 25" to either of my iR85 printers returns "Could not open
connection to the host, on port 25: Connect failed".
Matt Lauterbach
 By Date 
By Thread
Current thread:
|
Intro
