Vulnerability Name:

CVE-1999-0564 (CCN-1818)

Assigned:1997-10-04
Published:1997-10-04
Updated:2005-10-20
Summary:An attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Bypass Security
References:Source: CCN
Type: BugTraq Mailing List, Sat, 4 Oct 1997 18:02:01 -0300
HP Laserjet 4M Plus DirectJet Problem

Source: MITRE
Type: CNA
CVE-1999-0564

Source: MITRE
Type: CNA
CVE-1999-1062

Source: CCN
Type: OSVDB ID: 88
HP LaserJet JetDirect Print Restriction Bypass

Source: XF
Type: UNKNOWN
hp-printer-flood(1818)

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/h:hp:network_printer:-:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-1999-0564 (CCN-5550)

    Assigned:1999-07-28
    Published:2000-11-19
    Updated:2000-11-19
    Summary:The could allow Internet users to attach to local printers. Due to a vulnerability in the CUPS access control configuration, a remote attacker can attach to a local printer. The attacker could not gain administrative privileges to the printer, but the attacker could use this to print to the printer to cause it to run out of paper, for example.
    CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availibility (A): Low
    CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
    Impact Metrics:Confidentiality (C): Complete
    Integrity (I): Complete
    Availibility (A): Complete
    7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Athentication (Au): None
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    Vulnerability Consequences:Gain Access
    References:Source: MITRE
    Type: CNA
    CVE-1999-0564

    Source: DEBIAN
    Type: Debian Security Advisory 20001119
    cupsys: remote misuse of printer

    Source: CCN
    Type: MandrakeSoft Security Advisory MDKSA-2000:070
    cups

    Source: XF
    Type: UNKNOWN
    cups-remote-printer-usage(5550)

    Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    hp network printer -
    easy_software_products cups 1.0.4