Created
August 5, 2017 23:44
-
-
Save tipilu/53f142466507b2ef4c8ceb08d22d1278 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Denial of Service vulnerability in Debut embedded httpd 1.20 in Brother | |
| DCP-J132W (and probably other DCP models) allows remote attackers to | |
| hang the printer (disrupting its network connection) by sending a | |
| large amount of HTTP packets. | |
| ------------------------------------------ | |
| [Vulnerability Type Other] | |
| CWE-400, Denial of Service | |
| ------------------------------------------ | |
| [Vendor of Product] | |
| Brother | |
| ------------------------------------------ | |
| [Affected Product Code Base] | |
| DCP-J132W - H | |
| ------------------------------------------ | |
| [Affected Component] | |
| Debut embedded httpd 1.20 (Brother/HP printer http admin) is affected | |
| ------------------------------------------ | |
| [Attack Type] | |
| Remote | |
| ------------------------------------------ | |
| [Impact Denial of Service] | |
| true | |
| ------------------------------------------ | |
| [Attack Vectors] | |
| To exploit this vulnerability, the affected device must be connected to the same network as the attacker. | |
| ------------------------------------------ | |
| [Has vendor confirmed or acknowledged the vulnerability?] | |
| true | |
| ------------------------------------------ | |
| [Discoverer] | |
| zaeek @ GBTISA |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment