VAR-201510-0739
Vulnerability from variot - Updated: 2022-05-17 02:04HP Printer provided by Photosmart B210 Let's manage the print queue SMB I am using a server. Crafted SMB Service disruption by packet (DoS) A condition can be triggered and a manual restart is required to recover. lead 296 byte Crafted SMB By sending a packet Photosmart B210 The service operation disruption (DoS) It is possible to make it into a state. A manual restart is required to recover. HP States: * "HP has examined this issue reported on the Photosmart B210 and has verified the printer could become unresponsive when fuzzed with the code provided. At no time did we identify buffer overflows with this tool nor our code inspection. The attempted attack produces a non-permanent denial of service. * HP's recommendation for existing models affected by this attack is to power cycle the device to return it to a working state. * HP continually works to improve security and is taking steps to ensure current and future products are not susceptible to this attack." * HP Is Photosmart B210 We have reviewed this issue reported for and confirmed that the printer becomes unresponsive during fuzzing using the provided code. However, neither this fuzzing tool nor our code inspection has confirmed the occurrence of buffer overflow. This attack causes non-persistent service disruption. For existing products affected by this attack, HP Recommends that you turn power back on to return the instrument to working condition. * HP Will continue to improve security and make current and future products less susceptible to this attack. The root cause of the crash is still unknown.Same as the product LAN The product is disrupted by the attacker (DoS) There is a possibility of being put into a state. To recover, the product must be restarted. The HP Photosmart B210 is a printer product from Hewlett-Packard (HP). A denial of service vulnerability exists in the HP Photosmart B210. Attackers can exploit this issue to cause denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0739",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "hp photosmart plus e-all-in-one printer series",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "- b210"
},
{
"model": "photosmart b210",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "photosmart b210",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#840844"
},
{
"db": "CNVD",
"id": "CNVD-2015-07215"
},
{
"db": "BID",
"id": "77290"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006005"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:hp:photosmart_plus_e-all-in-one_printer_series",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006005"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Avery Raaymakers",
"sources": [
{
"db": "BID",
"id": "77290"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-704"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 6.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2015-006005",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-07215",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "IPA",
"id": "JVNDB-2015-006005",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-07215",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07215"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006005"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP Printer provided by Photosmart B210 Let\u0027s manage the print queue SMB I am using a server. Crafted SMB Service disruption by packet (DoS) A condition can be triggered and a manual restart is required to recover. lead 296 byte Crafted SMB By sending a packet Photosmart B210 The service operation disruption (DoS) It is possible to make it into a state. A manual restart is required to recover. HP States: * \"HP has examined this issue reported on the Photosmart B210 and has verified the printer could become unresponsive when fuzzed with the code provided. At no time did we identify buffer overflows with this tool nor our code inspection. The attempted attack produces a non-permanent denial of service. * HP\u0027s recommendation for existing models affected by this attack is to power cycle the device to return it to a working state. * HP continually works to improve security and is taking steps to ensure current and future products are not susceptible to this attack.\" * HP Is Photosmart B210 We have reviewed this issue reported for and confirmed that the printer becomes unresponsive during fuzzing using the provided code. However, neither this fuzzing tool nor our code inspection has confirmed the occurrence of buffer overflow. This attack causes non-persistent service disruption. For existing products affected by this attack, HP Recommends that you turn power back on to return the instrument to working condition. * HP Will continue to improve security and make current and future products less susceptible to this attack. The root cause of the crash is still unknown.Same as the product LAN The product is disrupted by the attacker (DoS) There is a possibility of being put into a state. To recover, the product must be restarted. The HP Photosmart B210 is a printer product from Hewlett-Packard (HP). \nA denial of service vulnerability exists in the HP Photosmart B210. \nAttackers can exploit this issue to cause denial-of-service condition",
"sources": [
{
"db": "CERT/CC",
"id": "VU#840844"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006005"
},
{
"db": "CNVD",
"id": "CNVD-2015-07215"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-704"
},
{
"db": "BID",
"id": "77290"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#840844",
"trust": 1.9
},
{
"db": "BID",
"id": "77290",
"trust": 1.5
},
{
"db": "JVN",
"id": "JVNVU90756914",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006005",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2015-07215",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201510-704",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#840844"
},
{
"db": "CNVD",
"id": "CNVD-2015-07215"
},
{
"db": "BID",
"id": "77290"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006005"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-704"
}
]
},
"id": "VAR-201510-0739",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07215"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07215"
}
]
},
"last_update_date": "2022-05-17T02:04:33.723000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/77290"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/840844"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90756914/index.html"
},
{
"trust": 0.8,
"url": "http://www.rapid7.com/db/modules/auxiliary/fuzzers/smb/smb2_negotiate_corrupt"
},
{
"trust": 0.3,
"url": "http://www.hp.com/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#840844"
},
{
"db": "CNVD",
"id": "CNVD-2015-07215"
},
{
"db": "BID",
"id": "77290"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006005"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-704"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#840844"
},
{
"db": "CNVD",
"id": "CNVD-2015-07215"
},
{
"db": "BID",
"id": "77290"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006005"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-704"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-21T00:00:00",
"db": "CERT/CC",
"id": "VU#840844"
},
{
"date": "2015-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07215"
},
{
"date": "2015-10-21T00:00:00",
"db": "BID",
"id": "77290"
},
{
"date": "2015-11-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006005"
},
{
"date": "2015-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-704"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-21T00:00:00",
"db": "CERT/CC",
"id": "VU#840844"
},
{
"date": "2015-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07215"
},
{
"date": "2015-10-21T00:00:00",
"db": "BID",
"id": "77290"
},
{
"date": "2015-11-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006005"
},
{
"date": "2015-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-704"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-704"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP Photosmart B210 SMB server Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07215"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-704"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "77290"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…